UNPKG

better-auth

Version:

The most comprehensive authentication framework for TypeScript.

better-auth.com

better-auth/better-auth

1 lines 3.05 kB
1
{"version":3,"file":"index.mjs","names":[],"sources":["../../src/crypto/index.ts"],"sourcesContent":["import { getWebcryptoSubtle } from \"@better-auth/utils\";\nimport { createHash } from \"@better-auth/utils/hash\";\nimport { xchacha20poly1305 } from \"@noble/ciphers/chacha.js\";\nimport {\n\tbytesToHex,\n\thexToBytes,\n\tmanagedNonce,\n\tutf8ToBytes,\n} from \"@noble/ciphers/utils.js\";\n\nconst algorithm = { name: \"HMAC\", hash: \"SHA-256\" };\n\nexport type SymmetricEncryptOptions = {\n\tkey: string;\n\tdata: string;\n};\n\nexport const symmetricEncrypt = async ({\n\tkey,\n\tdata,\n}: SymmetricEncryptOptions) => {\n\tconst keyAsBytes = await createHash(\"SHA-256\").digest(key);\n\tconst dataAsBytes = utf8ToBytes(data);\n\tconst chacha = managedNonce(xchacha20poly1305)(new Uint8Array(keyAsBytes));\n\treturn bytesToHex(chacha.encrypt(dataAsBytes));\n};\n\nexport type SymmetricDecryptOptions = {\n\tkey: string;\n\tdata: string;\n};\n\nexport const symmetricDecrypt = async ({\n\tkey,\n\tdata,\n}: SymmetricDecryptOptions) => {\n\tconst keyAsBytes = await createHash(\"SHA-256\").digest(key);\n\tconst dataAsBytes = hexToBytes(data);\n\tconst chacha = managedNonce(xchacha20poly1305)(new Uint8Array(keyAsBytes));\n\treturn new TextDecoder().decode(chacha.decrypt(dataAsBytes));\n};\n\nexport const getCryptoKey = async (secret: string | BufferSource) => {\n\tconst secretBuf =\n\t\ttypeof secret === \"string\" ? new TextEncoder().encode(secret) : secret;\n\treturn await getWebcryptoSubtle().importKey(\n\t\t\"raw\",\n\t\tsecretBuf,\n\t\talgorithm,\n\t\tfalse,\n\t\t[\"sign\", \"verify\"],\n\t);\n};\n\nexport const makeSignature = async (\n\tvalue: string,\n\tsecret: string | BufferSource,\n): Promise<string> => {\n\tconst key = await getCryptoKey(secret);\n\tconst signature = await getWebcryptoSubtle().sign(\n\t\talgorithm.name,\n\t\tkey,\n\t\tnew TextEncoder().encode(value),\n\t);\n\t// the returned base64 encoded signature will always be 44 characters long and end with one or two equal signs\n\treturn btoa(String.fromCharCode(...new Uint8Array(signature)));\n};\n\nexport * from \"./buffer\";\nexport * from \"./jwt\";\nexport * from \"./password\";\nexport * from \"./random\";\n"],"mappings":";;;;;;;;;;AAUA,MAAM,YAAY;CAAE,MAAM;CAAQ,MAAM;CAAW;AAOnD,MAAa,mBAAmB,OAAO,EACtC,KACA,WAC8B;CAC9B,MAAM,aAAa,MAAM,WAAW,UAAU,CAAC,OAAO,IAAI;CAC1D,MAAM,cAAc,YAAY,KAAK;AAErC,QAAO,WADQ,aAAa,kBAAkB,CAAC,IAAI,WAAW,WAAW,CAAC,CACjD,QAAQ,YAAY,CAAC;;AAQ/C,MAAa,mBAAmB,OAAO,EACtC,KACA,WAC8B;CAC9B,MAAM,aAAa,MAAM,WAAW,UAAU,CAAC,OAAO,IAAI;CAC1D,MAAM,cAAc,WAAW,KAAK;CACpC,MAAM,SAAS,aAAa,kBAAkB,CAAC,IAAI,WAAW,WAAW,CAAC;AAC1E,QAAO,IAAI,aAAa,CAAC,OAAO,OAAO,QAAQ,YAAY,CAAC;;AAG7D,MAAa,eAAe,OAAO,WAAkC;CACpE,MAAM,YACL,OAAO,WAAW,WAAW,IAAI,aAAa,CAAC,OAAO,OAAO,GAAG;AACjE,QAAO,MAAM,oBAAoB,CAAC,UACjC,OACA,WACA,WACA,OACA,CAAC,QAAQ,SAAS,CAClB;;AAGF,MAAa,gBAAgB,OAC5B,OACA,WACqB;CACrB,MAAM,MAAM,MAAM,aAAa,OAAO;CACtC,MAAM,YAAY,MAAM,oBAAoB,CAAC,KAC5C,UAAU,MACV,KACA,IAAI,aAAa,CAAC,OAAO,MAAM,CAC/B;AAED,QAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,UAAU,CAAC,CAAC"}