@chittyos/core
Version:
ChittyOS Core - Essential package with ID, auth, verification, beacon tracking, and brand components for all ChittyOS applications
208 lines (207 loc) • 6.67 kB
JavaScript
;
var __create = Object.create;
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __getProtoOf = Object.getPrototypeOf;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
for (var name in all)
__defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
if (from && typeof from === "object" || typeof from === "function") {
for (let key of __getOwnPropNames(from))
if (!__hasOwnProp.call(to, key) && key !== except)
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
}
return to;
};
var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
// If the importer is in node compatibility mode or this is not an ESM
// file that has been converted to a CommonJS file using a Babel-
// compatible transform (i.e. "__esModule" has not been set), then set
// "default" to the CommonJS "module.exports" for node compatibility.
isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
mod
));
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
// src/verify/index.ts
var verify_exports = {};
__export(verify_exports, {
configure: () => configure,
default: () => verify_default,
hashData: () => hashData,
sanitizeInput: () => sanitizeInput,
schemas: () => schemas,
signData: () => signData,
validateChecksum: () => validateChecksum,
validateJSON: () => validateJSON,
validateSchema: () => validateSchema,
verifyIntegrity: () => verifyIntegrity,
verifySignedData: () => verifySignedData
});
module.exports = __toCommonJS(verify_exports);
var import_zod = require("zod");
var crypto = __toESM(require("crypto"));
var DEFAULT_CONFIG = {
strictMode: false,
hashAlgorithm: "sha256"
};
var config = { ...DEFAULT_CONFIG };
function configure(customConfig) {
config = { ...config, ...customConfig };
}
function validateSchema(data, schema) {
try {
const validated = schema.parse(data);
return {
valid: true,
data: validated
};
} catch (error) {
if (error instanceof import_zod.z.ZodError) {
return {
valid: false,
errors: error.errors.map((e) => `${e.path.join(".")}: ${e.message}`)
};
}
return {
valid: false,
errors: ["Validation failed"]
};
}
}
var schemas = {
email: import_zod.z.string().email(),
chittyId: import_zod.z.string().regex(/^CID_[A-Za-z0-9_-]{21}$/),
uuid: import_zod.z.string().uuid(),
url: import_zod.z.string().url(),
phoneNumber: import_zod.z.string().regex(/^\+?[1-9]\d{1,14}$/),
dateTime: import_zod.z.string().datetime(),
ipAddress: import_zod.z.string().ip(),
semver: import_zod.z.string().regex(/^\d+\.\d+\.\d+(-[a-zA-Z0-9]+)?$/),
strongPassword: import_zod.z.string().min(8).regex(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]/),
jwt: import_zod.z.string().regex(/^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/),
base64: import_zod.z.string().regex(/^[A-Za-z0-9+/]*={0,2}$/),
hexColor: import_zod.z.string().regex(/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/),
creditCard: import_zod.z.string().regex(/^\d{13,19}$/).refine(luhnCheck, {
message: "Invalid credit card number"
})
};
function luhnCheck(cardNumber) {
const digits = cardNumber.replace(/\D/g, "");
let sum = 0;
let isEven = false;
for (let i = digits.length - 1; i >= 0; i--) {
let digit = parseInt(digits[i], 10);
if (isEven) {
digit *= 2;
if (digit > 9) {
digit -= 9;
}
}
sum += digit;
isEven = !isEven;
}
return sum % 10 === 0;
}
function hashData(data, algorithm = config.hashAlgorithm) {
const stringData = typeof data === "string" ? data : JSON.stringify(data);
return crypto.createHash(algorithm).update(stringData).digest("hex");
}
function verifyIntegrity(data, expectedHash, algorithm = config.hashAlgorithm) {
const actualHash = hashData(data, algorithm);
return actualHash === expectedHash;
}
function signData(data, privateKey, chittyId) {
const timestamp = (/* @__PURE__ */ new Date()).toISOString();
const dataToSign = JSON.stringify({ data, timestamp });
const sign = crypto.createSign("SHA256");
sign.update(dataToSign);
const signature = sign.sign(privateKey, "base64");
return {
data,
signature,
timestamp,
chittyId
};
}
function verifySignedData(signedData, publicKey) {
try {
const dataToVerify = JSON.stringify({
data: signedData.data,
timestamp: signedData.timestamp
});
const verify = crypto.createVerify("SHA256");
verify.update(dataToVerify);
const isValid = verify.verify(publicKey, signedData.signature, "base64");
return {
valid: isValid,
errors: isValid ? void 0 : ["Invalid signature"]
};
} catch (error) {
return {
valid: false,
errors: ["Signature verification failed"]
};
}
}
async function validateChecksum(filePath, expectedChecksum, algorithm = "sha256") {
const fs = await import("fs");
const stream = fs.createReadStream(filePath);
const hash = crypto.createHash(algorithm);
return new Promise((resolve, reject) => {
stream.on("data", (data) => hash.update(data));
stream.on("end", () => {
const actualChecksum = hash.digest("hex");
resolve(actualChecksum === expectedChecksum);
});
stream.on("error", reject);
});
}
function sanitizeInput(input) {
let sanitized = input.replace(/[\x00-\x1F\x7F]/g, "");
sanitized = sanitized.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'").replace(/\//g, "/");
return sanitized.trim();
}
function validateJSON(jsonString) {
try {
const parsed = JSON.parse(jsonString);
return {
valid: true,
data: parsed
};
} catch (error) {
return {
valid: false,
errors: ["Invalid JSON: " + error.message]
};
}
}
var verify_default = {
configure,
validateSchema,
schemas,
hashData,
verifyIntegrity,
signData,
verifySignedData,
validateChecksum,
sanitizeInput,
validateJSON
};
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
configure,
hashData,
sanitizeInput,
schemas,
signData,
validateChecksum,
validateJSON,
validateSchema,
verifyIntegrity,
verifySignedData
});
//# sourceMappingURL=index.js.map