xypriss-security 2.1.3 → 2.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -6,7 +6,7 @@ XyPriss Security is an enterprise-grade cryptographic framework for TypeScript /
|
|
|
6
6
|
|
|
7
7
|
- **Performance**: Optimized execution using lightweight process spawning, bypassing the overhead of standard JavaScript cryptographic implementations without the complexity of CGO.
|
|
8
8
|
- **Universal Portability**: Zero native compilation required. Statically linked pure Go binaries run flawlessly on Linux, Windows, and macOS (amd64/arm64) via a unified interface.
|
|
9
|
-
- **Modern Standards**: Native support for AES-256-GCM, Argon2id, PBKDF2, HKDF, and Post-Quantum algorithms (Kyber-768).
|
|
9
|
+
- **Modern Standards**: Native support for AES-256-GCM, Argon2id, PBKDF2, HKDF, RSA-OAEP, RSA-PSS, and Post-Quantum algorithms (Kyber-768).
|
|
10
10
|
- **Security by Default**: Automatic memory sanitization and secure key derivation patterns.
|
|
11
11
|
- **Zero-Config Installation**: Automatically downloads the exact pre-built binary for your platform during installation (no local Go toolchain required).
|
|
12
12
|
|
|
@@ -16,7 +16,8 @@ The framework documentation is modularized for clarity and depth.
|
|
|
16
16
|
|
|
17
17
|
### Modules
|
|
18
18
|
|
|
19
|
-
- [Core](docs/modules/core.md) - Foundational primitives (Hash, Random, Password, SecureBuffer).
|
|
19
|
+
- [Core](docs/modules/core.md) - Foundational primitives (Hash, Random, Password, SecureBuffer, XyPrissSecurity).
|
|
20
|
+
- [RSA and Byte Utilities](docs/modules/rsa-and-byte-utils.md) - RSA-PSS signing, RSA-OAEP encryption, key generation, and UTF-8 byte validation.
|
|
20
21
|
- [Cache](docs/modules/cache.md) - Ultra-fast secure in-memory cache system (UFSIMC).
|
|
21
22
|
- [Encryption](docs/modules/encryption.md) - High-level data protection services.
|
|
22
23
|
- [Utilities](docs/modules/utils.md) - Encoding and general helpers.
|
|
@@ -82,6 +83,69 @@ const passwords = new pm({
|
|
|
82
83
|
// 2. Use everywhere
|
|
83
84
|
const hash = await passwords.hash("user-password-123");
|
|
84
85
|
const isValid = await passwords.verify("user-password-123", hash);
|
|
86
|
+
|
|
87
|
+
// 3. Detect if a string is already hashed (useful in upsert flows)
|
|
88
|
+
const alreadyHashed = passwords.isHashed(hash); // true
|
|
89
|
+
const notHashed = passwords.isHashed("plane-text"); // false
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
### RSA Asymmetric Cryptography
|
|
93
|
+
|
|
94
|
+
```typescript
|
|
95
|
+
import {
|
|
96
|
+
generateRSAKeyPair,
|
|
97
|
+
rsaSign,
|
|
98
|
+
rsaVerify,
|
|
99
|
+
rsaEncrypt,
|
|
100
|
+
rsaDecrypt,
|
|
101
|
+
} from "xypriss-security";
|
|
102
|
+
|
|
103
|
+
// Generate a 4096-bit key pair (do this once, persist securely)
|
|
104
|
+
const { publicKey, privateKey } = await generateRSAKeyPair();
|
|
105
|
+
|
|
106
|
+
// Sign a payload with your private key
|
|
107
|
+
const signature = await rsaSign(privateKey, "critical-payload");
|
|
108
|
+
|
|
109
|
+
// Verify on the receiver side
|
|
110
|
+
const isValid = await rsaVerify(publicKey, "critical-payload", signature);
|
|
111
|
+
console.log(isValid); // true
|
|
112
|
+
|
|
113
|
+
// Encrypt small data (e.g., symmetric keys) with a public key
|
|
114
|
+
const encrypted = await rsaEncrypt(publicKey, "short-secret");
|
|
115
|
+
const decrypted = await rsaDecrypt(privateKey, encrypted);
|
|
116
|
+
console.log(decrypted); // "short-secret"
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
### Hash Detection
|
|
120
|
+
|
|
121
|
+
```typescript
|
|
122
|
+
import { pm } from "xypriss-security";
|
|
123
|
+
|
|
124
|
+
const passwords = new pm({ algorithm: "argon2id" });
|
|
125
|
+
const hash = await passwords.hash("user-password");
|
|
126
|
+
|
|
127
|
+
// Check before re-hashing
|
|
128
|
+
if (!passwords.isHashed(rawInput)) {
|
|
129
|
+
const stored = await passwords.hash(rawInput);
|
|
130
|
+
}
|
|
131
|
+
```
|
|
132
|
+
|
|
133
|
+
### Byte-Safe Length Validation
|
|
134
|
+
|
|
135
|
+
JavaScript's `.length` counts characters, not bytes. For multi-byte Unicode, this distinction is critical in cryptographic contexts.
|
|
136
|
+
|
|
137
|
+
```typescript
|
|
138
|
+
import { getByteLength, isValidByteLength } from "xypriss-security";
|
|
139
|
+
|
|
140
|
+
// "caf\u00e9" has 4 characters but 5 bytes in UTF-8
|
|
141
|
+
console.log("cafe\u0301".length); // 5 (chars)
|
|
142
|
+
console.log(getByteLength("cafe\u0301")); // 6 (bytes)
|
|
143
|
+
|
|
144
|
+
// Validate AES-256 key material (must be exactly 32 bytes)
|
|
145
|
+
const keyCandidate = "exactly-32-bytes-long-passphrase";
|
|
146
|
+
if (!isValidByteLength(keyCandidate, 32)) {
|
|
147
|
+
throw new Error("Invalid key length.");
|
|
148
|
+
}
|
|
85
149
|
```
|
|
86
150
|
|
|
87
151
|
### Ultra-Fast Secure Caching (UFSIMC)
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "xypriss-security",
|
|
3
|
-
"version": "2.1.
|
|
3
|
+
"version": "2.1.4",
|
|
4
4
|
"description": "Advanced High-Performance Security Framework powered by a Go Core. Military-grade encryption, post-quantum resilience, and fortified data structures.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "NEHONIX",
|