npm - web-vault-crypto - Versions diffs - 0.0.1 - Mend

web-vault-crypto 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/LICENSE.txt ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 - now: Johanna Herrmann
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,77 @@
+# web-vault-crypto
+[![NPM](https://nodei.co/npm/web-vault-crypto.svg?style=shields&data=n,v,u,d,s&color=blue)](https://nodei.co/npm/web-vault-crypto/) \
+[![QA-Main](https://github.com/web-vault-org/web-vault-crypto/actions/workflows/qa_main.yml/badge.svg?branch=main)](https://github.com/web-vault-org/web-vault-crypto/actions/workflows/qa_main.yml)
+Crypto-Library for e2e encrypted web vaults,
+using [native web crypto api](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API)
+and [argon2-browser](https://www.npmjs.com/package/argon2-browser),
+written in typescript, easy to use.
+## Introduction
+This package provides easy to use crypto-functions, suitable for web-vaults (examples: password-safes, e2e encrypted video collections).
+Used crypto-libraries:
+* [argon2-browser](https://www.npmjs.com/package/argon2-browser) for password-based-key-derivation and password hashing,
+  using argon2id
+* [native web crypto api](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) for everything else
+## Features
+* key generation
+* password-based key derivation
+* password hashing
+* key wrapping and unwrapping
+* encryption and decryption &minus; `AEAD` using `AES-256-GCM`
+* signing and verification &minus; using `hmac`
+## Usage
+### npm
+Install:
+```bash
+npm install web-vault-crypto
+```
+Import:
+```js
+// Replace createKey with a comma-separated list of the functions, you need
+import { createKey } from 'web-vault-crypto';
+const key = await createKey({ sizeInBytes: 32 });
+// or import all functions
+import webVaultCrypto from 'web-vault-crypto';
+const key = await webVaultCrypto.createKey({ sizeInBytes: 32 });
+```
+### Browser
+```html
+<!-- Load the file from jsDelivr -->
+<script src="https://cdn.jsdelivr.net/npm/web-vault-crypto@latest/dist/web-vault-crypto.js"></script>
+<!-- or load the file from unpkg -->
+<script src="https://unpkg.com/web-vault-crypto@latest/dist/web-vault-crypto.js"></script>
+<!-- or download the file and host it yourself -->
+<script src="/js/web-vault-crypto.js"></script>
+<script>
+// Replace createKey with a comma-separated list of the functions, you need
+const { createKey } = webVaultCrypto;
+const key = await createKey({ sizeInBytes: 32 });
+// or use functions directly
+const key = await webVaultCrypto.createKey({ sizeInBytes: 32 });
+</script>
+```
+## API
+Read [API Documentation](./api.md) to see how to use the functions
+## Crypto/Security
+Read [Security Concept](./crypto.md) to see the crypto/security concepts
+## License
+This project is licensed under the [MIT License](./LICENSE.txt)

package/built/argon2.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { Argon2BrowserHashOptions, Argon2BrowserHashResult } from 'argon2-browser';
+declare const getArgon2Hash: () => (options: Argon2BrowserHashOptions) => Promise<Argon2BrowserHashResult>;
+export { getArgon2Hash };
+//# sourceMappingURL=argon2.d.ts.map

package/built/argon2.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"argon2.d.ts","sourceRoot":"","sources":["../lib/argon2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AAEzF,QAAA,MAAM,aAAa,QAAgB,CAAC,OAAO,EAAE,wBAAwB,KAAK,OAAO,CAAC,uBAAuB,CAExG,CAAC;AAEF,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/built/argon2.js ADDED Viewed

@@ -0,0 +1,6 @@
+import { hash } from 'argon2-browser';
+const getArgon2Hash = function () {
+    return hash;
+};
+export { getArgon2Hash };
+//# sourceMappingURL=argon2.js.map

package/built/argon2.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"argon2.js","sourceRoot":"","sources":["../lib/argon2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAqD,MAAM,gBAAgB,CAAC;AAEzF,MAAM,aAAa,GAAG;IACpB,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/built/base64.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+declare const encode: (bytes: Uint8Array) => string;
+declare const decode: (text: string) => Uint8Array;
+export { encode, decode };
+//# sourceMappingURL=base64.d.ts.map

package/built/base64.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"base64.d.ts","sourceRoot":"","sources":["../lib/base64.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,MAAM,UAAoB,UAAU,KAAG,MAS5C,CAAC;AAEF,QAAA,MAAM,MAAM,SAAmB,MAAM,KAAG,UASvC,CAAC;AAEF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC"}

package/built/base64.js ADDED Viewed

@@ -0,0 +1,18 @@
+const encode = function (bytes) {
+    let binary = '';
+    const chunkSize = 0x8000; // 32 KB
+    for (let i = 0; i < bytes.length; i += chunkSize) {
+        binary += String.fromCharCode(...bytes.subarray(i, i + chunkSize));
+    }
+    return btoa(binary);
+};
+const decode = function (text) {
+    const binary = atob(text);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+};
+export { encode, decode };
+//# sourceMappingURL=base64.js.map

package/built/base64.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"base64.js","sourceRoot":"","sources":["../lib/base64.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,GAAG,UAAU,KAAiB;IACxC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,QAAQ;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC;QACjD,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;AACtB,CAAC,CAAC;AAEF,MAAM,MAAM,GAAG,UAAU,IAAY;IACnC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAE5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC"}

package/built/createKey.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * generates a random key with desired size.
+ * @param sizeInBytes - desired key size in bytes
+ * @returns Promise with desired key as Uint8Array
+ */
+declare const createKey: ({ sizeInBytes }: {
+    sizeInBytes: number;
+}) => Promise<Uint8Array>;
+export { createKey };
+//# sourceMappingURL=createKey.d.ts.map

package/built/createKey.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"createKey.d.ts","sourceRoot":"","sources":["../lib/createKey.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,QAAA,MAAM,SAAS,oBAAoC;IAAE,WAAW,EAAE,MAAM,CAAA;CAAE,KAAG,OAAO,CAAC,UAAU,CAS9F,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/built/createKey.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { getCrypto } from './crypto.js';
+/**
+ * generates a random key with desired size.
+ * @param sizeInBytes - desired key size in bytes
+ * @returns Promise with desired key as Uint8Array
+ */
+const createKey = async function ({ sizeInBytes }) {
+    if (sizeInBytes < 8) {
+        throw new Error('Invalid length. Must be at least 8');
+    }
+    const crypto = getCrypto();
+    const key = new Uint8Array(sizeInBytes);
+    crypto.getRandomValues(key);
+    return key;
+};
+export { createKey };
+//# sourceMappingURL=createKey.js.map

package/built/createKey.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"createKey.js","sourceRoot":"","sources":["../lib/createKey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC;;;;GAIG;AACH,MAAM,SAAS,GAAG,KAAK,WAAW,EAAE,WAAW,EAA2B;IACxE,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IACxC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/built/crypto.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+declare const getCrypto: () => Crypto;
+export { getCrypto };
+//# sourceMappingURL=crypto.d.ts.map

package/built/crypto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../lib/crypto.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,SAAS,QAAgB,MAM9B,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/built/crypto.js ADDED Viewed

@@ -0,0 +1,10 @@
+const getCrypto = function () {
+    if (!globalThis.crypto?.subtle) {
+        throw new Error('crypto.subtle not available. Wrong Environment or unsecure context');
+    }
+    else {
+        return globalThis.crypto;
+    }
+};
+export { getCrypto };
+//# sourceMappingURL=crypto.js.map

package/built/crypto.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../lib/crypto.ts"],"names":[],"mappings":"AAAA,MAAM,SAAS,GAAG;IAChB,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;IACxF,CAAC;SAAM,CAAC;QACN,OAAO,UAAU,CAAC,MAAM,CAAC;IAC3B,CAAC;AACH,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/built/encryption.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * encrypts a string or a Uint8Array
+ * @param content - plaintext as string or Uint8Array
+ * @param key - key as Uint8Array
+ * @param encode - boolean, if plaintext should be base64-encoded
+ * @param additionalData - array of strings, with additional Data for integrity and authenticity checks
+ * @returns Promise with ciphertext, as base64-encoded string if `encode` is true, as Uint8Array if not
+ */
+declare const encrypt: ({ content, key, encode, additionalData }: {
+    content: string | Uint8Array;
+    key: Uint8Array;
+    encode?: boolean;
+    additionalData?: string[];
+}) => Promise<Uint8Array | string>;
+/**
+ * decrypts a string or a Uint8Array
+ * @param content - ciphertext as string or Uint8Array
+ * @param key - key as Uint8Array
+ * @param asString - boolean, if plaintext should be returned as string
+ * @param additionalData - array of strings, with additional Data for integrity and authenticity checks
+ * @returns Promise with plaintext, as string if `asString` is true, as Uint8Array if not
+ */
+declare const decrypt: ({ content, key, asString, additionalData }: {
+    content: string | Uint8Array;
+    key: Uint8Array;
+    asString?: boolean;
+    additionalData?: string[];
+}) => Promise<Uint8Array | string>;
+export { encrypt, decrypt };
+//# sourceMappingURL=encryption.d.ts.map

package/built/encryption.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"encryption.d.ts","sourceRoot":"","sources":["../lib/encryption.ts"],"names":[],"mappings":"AA2BA;;;;;;;GAOG;AACH,QAAA,MAAM,OAAO,6CAKV;IACD,OAAO,EAAE,MAAM,GAAG,UAAU,CAAC;IAC7B,GAAG,EAAE,UAAU,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B,KAAG,OAAO,CAAC,UAAU,GAAG,MAAM,CAkB9B,CAAC;AAEF;;;;;;;GAOG;AACH,QAAA,MAAM,OAAO,+CAKV;IACD,OAAO,EAAE,MAAM,GAAG,UAAU,CAAC;IAC7B,GAAG,EAAE,UAAU,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B,KAAG,OAAO,CAAC,UAAU,GAAG,MAAM,CAmB9B,CAAC;AAEF,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC"}

package/built/encryption.js ADDED Viewed

@@ -0,0 +1,71 @@
+import { importKey, splitByLengths } from './util.js';
+import { encode as encodeBase64, decode as decodeBase64 } from './base64.js';
+import { getCrypto } from './crypto.js';
+const encoder = new TextEncoder();
+const decoder = new TextDecoder();
+const toUint8Array = function (data) {
+    return typeof data === 'string' ? encoder.encode(data) : data;
+};
+const concat = function (...arrays) {
+    const total = arrays.reduce((s, a) => s + a.length, 0);
+    const out = new Uint8Array(total);
+    let offset = 0;
+    for (const a of arrays) {
+        out.set(a, offset);
+        offset += a.length;
+    }
+    return out;
+};
+const encodeAAD = function (additionalData) {
+    if (!additionalData || additionalData.length === 0)
+        return undefined;
+    return encoder.encode(additionalData.join('\u0000'));
+};
+/**
+ * encrypts a string or a Uint8Array
+ * @param content - plaintext as string or Uint8Array
+ * @param key - key as Uint8Array
+ * @param encode - boolean, if plaintext should be base64-encoded
+ * @param additionalData - array of strings, with additional Data for integrity and authenticity checks
+ * @returns Promise with ciphertext, as base64-encoded string if `encode` is true, as Uint8Array if not
+ */
+const encrypt = async function ({ content, key, encode, additionalData }) {
+    if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
+        throw new Error('Invalid key length. Must be 16, 24 or 32');
+    }
+    const crypto = getCrypto();
+    const plaintext = toUint8Array(content);
+    const aad = encodeAAD(additionalData);
+    const contentKey = await crypto.subtle.generateKey({ name: 'AES-GCM', length: key.length * 8 }, true, ['encrypt']);
+    const iv = crypto.getRandomValues(new Uint8Array(12));
+    const ciphertext = new Uint8Array(await crypto.subtle.encrypt({ name: 'AES-GCM', iv, additionalData: aad }, contentKey, plaintext));
+    const kek = await importKey(key, 'AES-KW', ['wrapKey']);
+    const wrappedKey = new Uint8Array(await crypto.subtle.wrapKey('raw', contentKey, kek, { name: 'AES-KW' }));
+    const result = concat(wrappedKey, iv, ciphertext);
+    return encode ? encodeBase64(result) : result;
+};
+/**
+ * decrypts a string or a Uint8Array
+ * @param content - ciphertext as string or Uint8Array
+ * @param key - key as Uint8Array
+ * @param asString - boolean, if plaintext should be returned as string
+ * @param additionalData - array of strings, with additional Data for integrity and authenticity checks
+ * @returns Promise with plaintext, as string if `asString` is true, as Uint8Array if not
+ */
+const decrypt = async function ({ content, key, asString, additionalData }) {
+    if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
+        throw new Error('Invalid key length. Must be 16, 24 or 32');
+    }
+    const crypto = getCrypto();
+    const data = typeof content === 'string' ? decodeBase64(content) : content;
+    const aad = encodeAAD(additionalData);
+    const [wrappedKey, iv, ciphertext] = splitByLengths(data, [key.length + 8, 12]);
+    const kek = await importKey(key, 'AES-KW', ['unwrapKey']);
+    const contentKey = await crypto.subtle.unwrapKey('raw', wrappedKey.buffer, kek, { name: 'AES-KW' }, { name: 'AES-GCM', length: 256 }, false, [
+        'decrypt'
+    ]);
+    const plaintext = new Uint8Array(await crypto.subtle.decrypt({ name: 'AES-GCM', iv, additionalData: aad }, contentKey, ciphertext));
+    return asString ? decoder.decode(plaintext) : plaintext;
+};
+export { encrypt, decrypt };
+//# sourceMappingURL=encryption.js.map

package/built/encryption.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"encryption.js","sourceRoot":"","sources":["../lib/encryption.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,QAAQ,CAAC;AACnD,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,UAAU,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;AAClC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;AAElC,MAAM,YAAY,GAAG,UAAU,IAAyB;IACtD,OAAO,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAChE,CAAC,CAAC;AAEF,MAAM,MAAM,GAAG,UAAU,GAAG,MAAoB;IAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;IACrB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,UAAU,cAAyB;IACnD,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACrE,OAAO,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvD,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,OAAO,GAAG,KAAK,WAAW,EAC9B,OAAO,EACP,GAAG,EACH,MAAM,EACN,cAAc,EAMf;IACC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;IACtC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IACnH,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC;IAEpI,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IACxD,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;IAE3G,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,EAAE,EAAE,EAAE,UAAU,CAAC,CAAC;IAClD,OAAO,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;AAChD,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,OAAO,GAAG,KAAK,WAAW,EAC9B,OAAO,EACP,GAAG,EACH,QAAQ,EACR,cAAc,EAMf;IACC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,MAAM,IAAI,GAAG,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC3E,MAAM,GAAG,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;IACtC,MAAM,CAAC,UAAU,EAAE,EAAE,EAAE,UAAU,CAAC,GAAG,cAAc,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAEhF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE;QAC3I,SAAS;KACV,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;IAEpI,OAAO,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC1D,CAAC,CAAC;AAEF,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC"}

package/built/hashing.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+/**
+ * derives key from password
+ * @param password - password to derive the key from
+ * @param sizeInBytes - desired key size in bytes
+ * @param salt - salt as string (optional, new random salt will be used if not provided)
+ * @returns Promise with array containing: salt as string, desired key as Uint8Array
+ */
+declare const derivePasswordKey: ({ password, sizeInBytes, salt }: {
+    password: string;
+    sizeInBytes: number;
+    salt?: string;
+}) => Promise<[string, Uint8Array]>;
+/**
+ * hashes password
+ * @param password - password to hash
+ * @param sizeInBytes - desired hash size in bytes
+ * @param salt - salt as string (optional, new random salt will be used if not provided)
+ * @returns Promise with array containing: salt as string, hash as base64-encoded string
+ */
+declare const hashPassword: ({ password, sizeInBytes, salt }: {
+    password: string;
+    sizeInBytes: number;
+    salt?: string;
+}) => Promise<[string, string]>;
+export { derivePasswordKey, hashPassword };
+//# sourceMappingURL=hashing.d.ts.map

package/built/hashing.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hashing.d.ts","sourceRoot":"","sources":["../lib/hashing.ts"],"names":[],"mappings":"AASA;;;;;;GAMG;AACH,QAAA,MAAM,iBAAiB,oCAIpB;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,KAAG,OAAO,CAAC,CAAC,MAAM,EAAE,UAAU,CAAC,CAqB/B,CAAC;AAEF;;;;;;GAMG;AACH,QAAA,MAAM,YAAY,oCAIf;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,KAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAG3B,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC"}

package/built/hashing.js ADDED Viewed

@@ -0,0 +1,46 @@
+import { getArgon2Hash } from './argon2.js';
+import { createKey } from './createKey.js';
+import { encode } from './base64.js';
+const createNewSalt = async function () {
+    const key = await createKey({ sizeInBytes: 16 });
+    return encode(key);
+};
+/**
+ * derives key from password
+ * @param password - password to derive the key from
+ * @param sizeInBytes - desired key size in bytes
+ * @param salt - salt as string (optional, new random salt will be used if not provided)
+ * @returns Promise with array containing: salt as string, desired key as Uint8Array
+ */
+const derivePasswordKey = async function ({ password, sizeInBytes, salt }) {
+    if (sizeInBytes < 8) {
+        throw new Error('Invalid key length. Must be at least 8');
+    }
+    salt = salt || (await createNewSalt());
+    if (salt.length < 16) {
+        throw new Error('Invalid salt length. Must be at least 16');
+    }
+    const result = await getArgon2Hash()({
+        salt,
+        pass: password,
+        type: 2,
+        parallelism: 1,
+        hashLen: sizeInBytes,
+        time: 2,
+        mem: 24_576
+    });
+    return [salt, result.hash];
+};
+/**
+ * hashes password
+ * @param password - password to hash
+ * @param sizeInBytes - desired hash size in bytes
+ * @param salt - salt as string (optional, new random salt will be used if not provided)
+ * @returns Promise with array containing: salt as string, hash as base64-encoded string
+ */
+const hashPassword = async function ({ password, sizeInBytes, salt }) {
+    const [salt_, hash] = await derivePasswordKey({ password, sizeInBytes, salt });
+    return [salt_, encode(hash)];
+};
+export { derivePasswordKey, hashPassword };
+//# sourceMappingURL=hashing.js.map

package/built/hashing.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hashing.js","sourceRoot":"","sources":["../lib/hashing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAElC,MAAM,aAAa,GAAG,KAAK;IACzB,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;IACjD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,iBAAiB,GAAG,KAAK,WAAW,EACxC,QAAQ,EACR,WAAW,EACX,IAAI,EAKL;IACC,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,aAAa,EAAE,CAAC,CAAC;IAEvC,IAAI,IAAI,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACnC,IAAI;QACJ,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,CAAC;QACP,WAAW,EAAE,CAAC;QACd,OAAO,EAAE,WAAW;QACpB,IAAI,EAAE,CAAC;QACP,GAAG,EAAE,MAAM;KACZ,CAAC,CAAC;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,YAAY,GAAG,KAAK,WAAW,EACnC,QAAQ,EACR,WAAW,EACX,IAAI,EAKL;IACC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,MAAM,iBAAiB,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/E,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/B,CAAC,CAAC;AAEF,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC"}

package/built/index.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+import { createKey } from './createKey.js';
+import { derivePasswordKey, hashPassword } from './hashing.js';
+import { wrapKeys, unwrapKeys } from './wrapping.js';
+import { encrypt, decrypt } from './encryption.js';
+import { sign, verify } from './signing.js';
+declare const _default: {
+    createKey: ({ sizeInBytes }: {
+        sizeInBytes: number;
+    }) => Promise<Uint8Array>;
+    derivePasswordKey: ({ password, sizeInBytes, salt }: {
+        password: string;
+        sizeInBytes: number;
+        salt?: string;
+    }) => Promise<[string, Uint8Array]>;
+    hashPassword: ({ password, sizeInBytes, salt }: {
+        password: string;
+        sizeInBytes: number;
+        salt?: string;
+    }) => Promise<[string, string]>;
+    wrapKeys: ({ keys, kek, encode }: {
+        keys: Uint8Array[];
+        kek: Uint8Array;
+        encode?: boolean;
+    }) => Promise<Uint8Array | string>;
+    unwrapKeys: ({ wrappedKeys, kek, lengths }: {
+        wrappedKeys: Uint8Array | string;
+        kek: Uint8Array;
+        lengths?: number[];
+    }) => Promise<Uint8Array[]>;
+    encrypt: ({ content, key, encode, additionalData }: {
+        content: string | Uint8Array;
+        key: Uint8Array;
+        encode?: boolean;
+        additionalData?: string[];
+    }) => Promise<Uint8Array | string>;
+    decrypt: ({ content, key, asString, additionalData }: {
+        content: string | Uint8Array;
+        key: Uint8Array;
+        asString?: boolean;
+        additionalData?: string[];
+    }) => Promise<Uint8Array | string>;
+    sign: ({ data, key, exclude }: {
+        data: Record<string, unknown>;
+        key: Uint8Array;
+        exclude?: string[];
+    }) => Promise<string>;
+    verify: ({ data, key, signature, exclude }: {
+        data: Record<string, unknown>;
+        key: Uint8Array;
+        signature: string;
+        exclude?: string[];
+    }) => Promise<boolean>;
+};
+export default _default;
+export { createKey, derivePasswordKey, hashPassword, wrapKeys, unwrapKeys, encrypt, decrypt, sign, verify };
+//# sourceMappingURL=index.d.ts.map

package/built/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;;;;;;;;YAK4K,CAAC;;;;;YAAk4B,CAAC;;;;;cAA98B,CAAC;;;;;eAA6pC,CAAC;;;;;cAA1X,CAAC;sBAA2B,CAAC;;;;;gBAA25C,CAAC;sBAA2B,CAAC;;;;;eAArsD,CAAC;;;;;;eAAukB,CAAC;;;AAHzwC,wBAAoH;AAEpH,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC"}

package/built/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+import { createKey } from './createKey.js';
+import { derivePasswordKey, hashPassword } from './hashing.js';
+import { wrapKeys, unwrapKeys } from './wrapping.js';
+import { encrypt, decrypt } from './encryption.js';
+import { sign, verify } from './signing.js';
+export default { createKey, derivePasswordKey, hashPassword, wrapKeys, unwrapKeys, encrypt, decrypt, sign, verify };
+export { createKey, derivePasswordKey, hashPassword, wrapKeys, unwrapKeys, encrypt, decrypt, sign, verify };
+//# sourceMappingURL=index.js.map

package/built/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AAEzC,eAAe,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;AAEpH,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC"}

package/built/signing.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * signs an object
+ * @param data - object to sign
+ * @param key - signing key
+ * @param exclude - array with names of properties to exclude
+ * @returns Promise with signature as base64-encoded string
+ */
+declare const sign: ({ data, key, exclude }: {
+    data: Record<string, unknown>;
+    key: Uint8Array;
+    exclude?: string[];
+}) => Promise<string>;
+/**
+ * verifies an object
+ * @param data - object to verify
+ * @param key - signing key
+ * @param signature - signature as string to verify the object against
+ * @param exclude - array with names of properties to exclude
+ * @returns Promise with boolean, stating if object is authentic and integer
+ */
+declare const verify: ({ data, key, signature, exclude }: {
+    data: Record<string, unknown>;
+    key: Uint8Array;
+    signature: string;
+    exclude?: string[];
+}) => Promise<boolean>;
+export { sign, verify };
+//# sourceMappingURL=signing.d.ts.map

package/built/signing.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"signing.d.ts","sourceRoot":"","sources":["../lib/signing.ts"],"names":[],"mappings":"AAwBA;;;;;;GAMG;AACH,QAAA,MAAM,IAAI,2BAA2C;IAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAAC,GAAG,EAAE,UAAU,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,KAAG,OAAO,CAAC,MAAM,CAG3I,CAAC;AAEF;;;;;;;GAOG;AACH,QAAA,MAAM,MAAM,sCAKT;IACD,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,GAAG,EAAE,UAAU,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB,KAAG,OAAO,CAAC,OAAO,CAGlB,CAAC;AAEF,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC"}

package/built/signing.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { getCrypto } from './crypto.js';
+const createDataString = function (data, exclude) {
+    const filteredData = { ...data };
+    for (const ex of exclude ?? []) {
+        delete filteredData[ex];
+    }
+    return JSON.stringify(filteredData);
+};
+const hmac = async function (dataString, key) {
+    if (key.length < 8) {
+        throw new Error('Invalid key length. Must be at least 8');
+    }
+    const crypto = getCrypto();
+    const encoder = new TextEncoder();
+    const cryptoKey = await crypto.subtle.importKey('raw', key, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
+    const data = encoder.encode(dataString);
+    const signature = await crypto.subtle.sign('HMAC', cryptoKey, data);
+    const hmacBytes = new Uint8Array(signature);
+    return btoa(String.fromCharCode(...hmacBytes));
+};
+/**
+ * signs an object
+ * @param data - object to sign
+ * @param key - signing key
+ * @param exclude - array with names of properties to exclude
+ * @returns Promise with signature as base64-encoded string
+ */
+const sign = async function ({ data, key, exclude }) {
+    const dataString = createDataString(data, exclude);
+    return hmac(dataString, key);
+};
+/**
+ * verifies an object
+ * @param data - object to verify
+ * @param key - signing key
+ * @param signature - signature as string to verify the object against
+ * @param exclude - array with names of properties to exclude
+ * @returns Promise with boolean, stating if object is authentic and integer
+ */
+const verify = async function ({ data, key, signature, exclude }) {
+    const actualSignature = await sign({ data, key, exclude });
+    return actualSignature === signature;
+};
+export { sign, verify };
+//# sourceMappingURL=signing.js.map

package/built/signing.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"signing.js","sourceRoot":"","sources":["../lib/signing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,MAAM,gBAAgB,GAAG,UAAU,IAA6B,EAAE,OAAkB;IAClF,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;IACjC,KAAK,MAAM,EAAE,IAAI,OAAO,IAAI,EAAE,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;AACtC,CAAC,CAAC;AAEF,MAAM,IAAI,GAAG,KAAK,WAAW,UAAkB,EAAE,GAAe;IAC9D,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAChH,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IACpE,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IAC5C,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,IAAI,GAAG,KAAK,WAAW,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAA0E;IACzH,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IACnD,OAAO,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;AAC/B,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,GAAG,KAAK,WAAW,EAC7B,IAAI,EACJ,GAAG,EACH,SAAS,EACT,OAAO,EAMR;IACC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3D,OAAO,eAAe,KAAK,SAAS,CAAC;AACvC,CAAC,CAAC;AAEF,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC"}

package/built/util.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+declare const importKey: (bytes: Uint8Array, name: string, usages: KeyUsage[]) => Promise<CryptoKey>;
+declare const mergeUint8Array: (arrays: Uint8Array[]) => Uint8Array;
+declare const splitByLengths: (array: Uint8Array, lengths: number[]) => Uint8Array[];
+export { importKey, mergeUint8Array, splitByLengths };
+//# sourceMappingURL=util.d.ts.map

package/built/util.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../lib/util.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,SAAS,UAA0B,UAAU,QAAQ,MAAM,UAAU,QAAQ,EAAE,KAAG,OAAO,CAAC,SAAS,CAGxG,CAAC;AAEF,QAAA,MAAM,eAAe,WAAqB,UAAU,EAAE,KAAG,UAWxD,CAAC;AAEF,QAAA,MAAM,cAAc,UAAoB,UAAU,WAAW,MAAM,EAAE,KAAG,UAAU,EAuBjF,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC"}

package/built/util.js ADDED Viewed

@@ -0,0 +1,37 @@
+import { getCrypto } from './crypto.js';
+const importKey = async function (bytes, name, usages) {
+    const crypto = getCrypto();
+    return await crypto.subtle.importKey('raw', bytes, { name }, true, usages);
+};
+const mergeUint8Array = function (arrays) {
+    const totalLength = arrays.reduce((sum, a) => sum + a.length, 0);
+    const result = new Uint8Array(totalLength);
+    let offset = 0;
+    for (const a of arrays) {
+        result.set(a, offset);
+        offset += a.length;
+    }
+    return result;
+};
+const splitByLengths = function (array, lengths) {
+    if (lengths.length === 0) {
+        return [array];
+    }
+    const result = [];
+    let offset = 0;
+    for (const len of lengths) {
+        if (offset + len > array.length) {
+            result.push(array.slice(offset));
+            offset = array.length;
+            break;
+        }
+        result.push(array.slice(offset, offset + len));
+        offset += len;
+    }
+    if (offset < array.length) {
+        result.push(array.slice(offset));
+    }
+    return result;
+};
+export { importKey, mergeUint8Array, splitByLengths };
+//# sourceMappingURL=util.js.map

package/built/util.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"util.js","sourceRoot":"","sources":["../lib/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,MAAM,SAAS,GAAG,KAAK,WAAW,KAAiB,EAAE,IAAY,EAAE,MAAkB;IACnF,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAC7E,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,UAAU,MAAoB;IACpD,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IAE3C,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACtB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,UAAU,KAAiB,EAAE,OAAiB;IACnE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAED,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,IAAI,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YACjC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtB,MAAM;QACR,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC;QAC/C,MAAM,IAAI,GAAG,CAAC;IAChB,CAAC;IAED,IAAI,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC"}

package/built/wrapping.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+/**
+ * wraps/encrypts keys
+ * @param keys - keys to wrap/encrypt (length (in bytes) for each key must be multiple of 8)
+ * @param kek - key used to encrypt the keys
+ * @param encode - boolean, if wrapped keys should be base64-encoded
+ * @returns Promise with wrappedKeys, as base64-encoded string if `encode` is true, as Uint8Array if not
+ */
+declare const wrapKeys: ({ keys, kek, encode }: {
+    keys: Uint8Array[];
+    kek: Uint8Array;
+    encode?: boolean;
+}) => Promise<Uint8Array | string>;
+/**
+ * unwraps/decrypts keys
+ * @param wrappedKeys - keys to unwrap/decrypt
+ * @param kek - key used to encrypt the keys
+ * @param lengths - An array of `number`s, providing the lengths of the unwrapped keys
+ * @returns Promise with an array of unwrapped keys
+ */
+declare const unwrapKeys: ({ wrappedKeys, kek, lengths }: {
+    wrappedKeys: Uint8Array | string;
+    kek: Uint8Array;
+    lengths?: number[];
+}) => Promise<Uint8Array[]>;
+export { wrapKeys, unwrapKeys };
+//# sourceMappingURL=wrapping.d.ts.map

package/built/wrapping.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"wrapping.d.ts","sourceRoot":"","sources":["../lib/wrapping.ts"],"names":[],"mappings":"AAIA;;;;;;GAMG;AACH,QAAA,MAAM,QAAQ,0BAA0C;IAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IAAC,GAAG,EAAE,UAAU,CAAC;IAAC,MAAM,CAAC,EAAE,OAAO,CAAA;CAAE,KAAG,OAAO,CAAC,UAAU,GAAG,MAAM,CAmB9I,CAAC;AAEF;;;;;;GAMG;AACH,QAAA,MAAM,UAAU,kCAIb;IACD,WAAW,EAAE,UAAU,GAAG,MAAM,CAAC;IACjC,GAAG,EAAE,UAAU,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB,KAAG,OAAO,CAAC,UAAU,EAAE,CAkBvB,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC"}

package/built/wrapping.js ADDED Viewed

@@ -0,0 +1,52 @@
+import { getCrypto } from './crypto.js';
+import { importKey, mergeUint8Array, splitByLengths } from './util.js';
+import { decode, encode as encodeBase64 } from './base64.js';
+/**
+ * wraps/encrypts keys
+ * @param keys - keys to wrap/encrypt (length (in bytes) for each key must be multiple of 8)
+ * @param kek - key used to encrypt the keys
+ * @param encode - boolean, if wrapped keys should be base64-encoded
+ * @returns Promise with wrappedKeys, as base64-encoded string if `encode` is true, as Uint8Array if not
+ */
+const wrapKeys = async function ({ keys, kek, encode }) {
+    if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+        throw new Error('Invalid kek length. Must be 16, 24 or 32');
+    }
+    const keysLength = keys.reduce((a, b) => a + b.length, 0);
+    if (keysLength <= 0 || keysLength % 8 > 0) {
+        throw new Error('Invalid keys length. Must be multiple of 8 bytes');
+    }
+    const crypto = getCrypto();
+    const key = mergeUint8Array(keys);
+    const keyMaterial = await importKey(key, 'AES-KW', ['wrapKey']);
+    const kekMaterial = await importKey(kek, 'AES-KW', ['wrapKey']);
+    const wrapped = await crypto.subtle.wrapKey('raw', keyMaterial, kekMaterial, { name: 'AES-KW' });
+    if (encode) {
+        return encodeBase64(new Uint8Array(wrapped));
+    }
+    return new Uint8Array(wrapped);
+};
+/**
+ * unwraps/decrypts keys
+ * @param wrappedKeys - keys to unwrap/decrypt
+ * @param kek - key used to encrypt the keys
+ * @param lengths - An array of `number`s, providing the lengths of the unwrapped keys
+ * @returns Promise with an array of unwrapped keys
+ */
+const unwrapKeys = async function ({ wrappedKeys, kek, lengths }) {
+    if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+        throw new Error('Invalid kek length. Must be 16, 24 or 32');
+    }
+    const crypto = getCrypto();
+    const kekMaterial = await importKey(kek, 'AES-KW', ['unwrapKey']);
+    const wrappedKey = typeof wrappedKeys === 'string' ? decode(wrappedKeys) : wrappedKeys;
+    const unwrappedKey = await crypto.subtle.unwrapKey('raw', wrappedKey.buffer, kekMaterial, { name: 'AES-KW' }, { name: 'AES-KW' }, true, [
+        'wrapKey',
+        'unwrapKey'
+    ]);
+    const rawKey = await crypto.subtle.exportKey('raw', unwrappedKey);
+    const key = new Uint8Array(rawKey);
+    return splitByLengths(key, lengths ?? []);
+};
+export { wrapKeys, unwrapKeys };
+//# sourceMappingURL=wrapping.js.map

package/built/wrapping.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"wrapping.js","sourceRoot":"","sources":["../lib/wrapping.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,QAAQ,CAAC;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,UAAU,CAAC;AAE1D;;;;;;GAMG;AACH,MAAM,QAAQ,GAAG,KAAK,WAAW,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAA6D;IAC/G,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC1D,IAAI,UAAU,IAAI,CAAC,IAAI,UAAU,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACtE,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEjG,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,YAAY,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,UAAU,GAAG,KAAK,WAAW,EACjC,WAAW,EACX,GAAG,EACH,OAAO,EAKR;IACC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAClE,MAAM,UAAU,GAAG,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;IAEvF,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,MAAM,EAAE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE;QACtI,SAAS;QACT,WAAW;KACZ,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IAClE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IAEnC,OAAO,cAAc,CAAC,GAAG,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC;AAC5C,CAAC,CAAC;AAEF,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,60 @@
+{
+  "name": "web-vault-crypto",
+  "version": "0.0.1",
+  "description": "Crypto-Library for e2e encrypted web vaults, using native web crypto api, written in typescript, easy to use.",
+  "private": false,
+  "type": "module",
+  "main": "build/index.js",
+  "types": "build/index.d.ts",
+  "files": [
+    "built"
+  ],
+  "scripts": {
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "test": "jest --runInBand --verbose --detectOpenHandles --forceExit",
+    "audit": "better-npm-audit audit",
+    "qa": "npm run lint && npm run audit && npm run test",
+    "build": "tsc --project tsconfig.json && tsc-alias -f -p tsconfig.json && webpack"
+  },
+  "devDependencies": {
+    "@eslint/compat": "^2.0.2",
+    "@eslint/eslintrc": "^3.3.3",
+    "@eslint/js": "^9.26.0",
+    "@types/argon2-browser": "^1.18.4",
+    "@types/jest": "29.5.13",
+    "@typescript-eslint/eslint-plugin": "8.10.0",
+    "argon2": "^0.44.0",
+    "base64-loader": "^1.0.0",
+    "better-npm-audit": "^3.11.0",
+    "eslint": "9.26.0",
+    "eslint-config-prettier": "9.1.0",
+    "eslint-plugin-prettier": "^5.5.5",
+    "globals": "^17.3.0",
+    "jest": "29.7.0",
+    "jest-environment-jsdom": "^30.2.0",
+    "prettier": "3.3.3",
+    "ts-jest": "29.2.5",
+    "ts-node": "^10.9.2",
+    "tsc-alias": "^1.8.16",
+    "typescript": "5.6.3",
+    "typescript-eslint": "^8.54.0",
+    "webpack": "^5.105.1",
+    "webpack-cli": "^6.0.1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/johanna-herrmann/web-vault-org/web-vault-crypto.git"
+  },
+  "keywords": [
+    "encryption",
+    "crypto",
+    "web",
+    "vault"
+  ],
+  "author": "Johanna Herrmann",
+  "license": "MIT",
+  "dependencies": {
+    "argon2-browser": "^1.18.0"
+  }
+}