UNPKG

@sudowealth/schwab-api

Version:

TypeScript client for Charles Schwab API with OAuth support, market data, trading functionality, and complete type safety

github.com/sudowealth/schwab-api

sudowealth/schwab-api

159 lines (158 loc) 4.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
/** * Options for cryptographic operations */ export interface SigningOptions { /** * Algorithm to use for signing * @default 'HMAC' */ algorithm?: 'HMAC' | 'RSA'; /** * Output encoding format * @default 'hex' */ encoding?: 'hex' | 'base64'; /** * Hash algorithm for HMAC * @default 'SHA-256' */ hash?: 'SHA-256' | 'SHA-384' | 'SHA-512'; } /** * Key validation options */ export interface KeyValidationOptions { /** * Minimum key length in characters * @default 32 */ minLength?: number; /** * Minimum entropy (unique characters) * @default 8 */ minEntropy?: number; /** * Check for weak patterns * @default true */ checkWeakPatterns?: boolean; } /** * Create an HMAC key from a secret string * * @param secret The secret key string * @param options Validation options * @returns A CryptoKey for HMAC operations * @throws Error if the secret doesn't meet security requirements * * @example * ```typescript * const key = await createHmacKey('your-secret-key-at-least-32-chars'); * ``` */ export declare function createHmacKey(secret: string, options?: KeyValidationOptions): Promise<CryptoKey>; /** * Sign data using HMAC or RSA * * @param key The CryptoKey to use for signing * @param data The data to sign * @param options Signing options * @returns The signature as a hex or base64 string * * @example * ```typescript * const signature = await signData(key, 'data-to-sign'); * ``` */ export declare function signData(key: CryptoKey, data: string, options?: SigningOptions): Promise<string>; /** * Verify a signature using HMAC or RSA * * @param key The CryptoKey to use for verification * @param signature The signature to verify * @param data The original data that was signed * @param options Signing options (must match those used for signing) * @returns True if the signature is valid, false otherwise * * @example * ```typescript * const isValid = await verifySignature(key, signature, 'data-to-sign'); * ``` */ export declare function verifySignature(key: CryptoKey, signature: string, data: string, options?: SigningOptions): Promise<boolean>; /** * Convert an ArrayBuffer to a hexadecimal string * * @param buffer The buffer to convert * @returns Hex string representation */ export declare function toHex(buffer: ArrayBuffer): string; /** * Convert a hexadecimal string to an ArrayBuffer * * @param hex The hex string to convert * @returns ArrayBuffer representation * @throws Error if the hex string is invalid */ export declare function fromHex(hex: string): ArrayBuffer; /** * Convert an ArrayBuffer to base64 * * @param buffer The buffer to convert * @returns Base64 string */ export declare function bufferToBase64(buffer: ArrayBuffer): string; /** * Convert a base64 string to ArrayBuffer * * @param base64 The base64 string to convert * @returns ArrayBuffer */ export declare function base64ToBuffer(base64: string): ArrayBuffer; /** * Constant-time string comparison to prevent timing attacks * * @param a First string * @param b Second string * @returns True if strings are equal */ export declare function constantTimeCompare(a: string, b: string): boolean; /** * Generate a cryptographically secure random string * * @param length The length of the string to generate * @param charset The character set to use * @returns Random string */ export declare function generateSecureRandomString(length: number, charset?: string): string; /** * Hash data using SHA-256 or other algorithms * * @param data The data to hash * @param algorithm The hash algorithm to use * @returns Hex-encoded hash */ export declare function hashData(data: string, algorithm?: 'SHA-256' | 'SHA-384' | 'SHA-512'): Promise<string>; /** * Create a time-based signature with expiration * * @param key The signing key * @param data The data to sign * @param expiresIn Expiration time in seconds * @returns Signature with timestamp */ export declare function createTimedSignature(key: CryptoKey, data: string, expiresIn?: number): Promise<{ signature: string; expires: number; }>; /** * Verify a time-based signature * * @param key The signing key * @param signature The signature to verify * @param data The original data * @param expires The expiration timestamp * @returns True if valid and not expired */ export declare function verifyTimedSignature(key: CryptoKey, signature: string, data: string, expires: number): Promise<boolean>;