UNPKG

locka

Version:

Simple, elegant encryption ttoolkit. AES, XOR, password generation & CLIβ€”zero dependencies.

github.com/Ghostcar5153/locka

Ghostcar5153/locka

174 lines (163 loc) β€’ 5.75 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
// === Locka Web – Browser AES-GCM Encryption === const SALT = new TextEncoder().encode("locka_salt"); const PBKDF2_OPTS = { name: "PBKDF2", salt: SALT, iterations: 100_000, hash: "SHA-256" }; const GCM_ALGO = "AES-GCM"; const IV_LENGTH = 12; async function getKeyMaterial(password) { return crypto.subtle.importKey( "raw", new TextEncoder().encode(password), PBKDF2_OPTS, false, ["deriveKey"] ); } async function deriveKey(password) { if (!crypto?.subtle) throw new Error("πŸ›‘ SubtleCrypto not available"); const keyMat = await getKeyMaterial(password); return crypto.subtle.deriveKey( { ...PBKDF2_OPTS, name: "PBKDF2" }, keyMat, { name: GCM_ALGO, length: 256 }, false, ["encrypt", "decrypt"] ); } export async function encryptWeb(plaintext, password) { try { const iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH)); const key = await deriveKey(password); const ct = await crypto.subtle.encrypt( { name: GCM_ALGO, iv }, key, new TextEncoder().encode(plaintext) ); const iv64 = btoa(String.fromCharCode(...iv)); const data64 = btoa(String.fromCharCode(...new Uint8Array(ct))); return `locka$webv1$${iv64}$${data64}`; } catch (e) { throw new Error("❌ encryptWeb failed: " + e.message); } } export async function decryptWeb(token, password) { try { const parts = token.split("$"); if (parts[0] !== "locka" || !parts[1].startsWith("web") || parts.length !== 4) { throw new Error("Invalid Locka Web token"); } const iv = Uint8Array.from(atob(parts[2]), c => c.charCodeAt(0)); const data = Uint8Array.from(atob(parts[3]), c => c.charCodeAt(0)); const key = await deriveKey(password); const pt = await crypto.subtle.decrypt({ name: GCM_ALGO, iv }, key, data); return new TextDecoder().decode(pt); } catch (e) { throw new Error("❌ decryptWeb failed: " + e.message); } } export function generatePassword(length = 16, opts = {}) { const base = opts.lowercase === false ? "" : "abcdefghijklmnopqrstuvwxyz"; const upper = opts.uppercase === false ? "" : "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; const numbers = opts.numbers === false ? "" : "0123456789"; const symbols = opts.symbols ? "!@#$%^&*()_+-=[]{};:,.<>?" : ""; const charset = base + upper + numbers + symbols; if (!charset) throw new Error("πŸ›‘ Locka: charset empty."); let res = ""; const rnd = () => crypto.getRandomValues(new Uint8Array(1))[0]; while (res.length < length) { const b = rnd(); if (b < charset.length * 4) res += charset[b % charset.length]; } return res; } export function generateToken(length = 32, encoding = "hex") { const buf = crypto.getRandomValues(new Uint8Array(length)); if (encoding === "raw") return buf; if (encoding === "base64") { return btoa(String.fromCharCode(...buf)); } return Array.from(buf).map(b=>b.toString(16).padStart(2,"0")).join(""); } export function parse(token) { const parts = token.split("$"); if (parts[0] !== "locka" || parts.length < 4) { return { valid: false, reason: "Invalid format" }; } return { format: parts[1].startsWith("web") ? "web" : "node", version: parts[1], iv: parts[2], ciphertext: parts.slice(3).join("$"), valid: true }; } // === Chainable Browser Interface === export default function locka(value) { let result = value; let isDecrypt = false; return { async aes(password) { if (!password || typeof password !== "string") { throw new Error("πŸ›‘ Locka: password must be non-empty string."); } result = isDecrypt ? await decryptWeb(result, password) : await encryptWeb(result, password); isDecrypt = false; return this; }, decrypt() { isDecrypt = true; return this; }, base64() { const bytes = new TextEncoder().encode(result); result = btoa(String.fromCharCode(...bytes)); return this; }, hex() { const bytes = new TextEncoder().encode(result); result = Array.from(bytes).map(b=>b.toString(16).padStart(2,"0")).join(""); return this; }, xor(key) { if (!key) throw new Error("πŸ›‘ Locka XOR requires a key."); const data = typeof result === "string" ? new TextEncoder().encode(result) : result; const keyBuf = new TextEncoder().encode(key); const out = new Uint8Array(data.length); for (let i = 0; i < data.length; i++) { out[i] = data[i] ^ keyBuf[i % keyBuf.length]; } // keep raw binary result = out; return this; }, async hash(algorithm = "SHA-256") { if (!crypto?.subtle) throw new Error("πŸ›‘ SubtleCrypto not available"); const buf = new TextEncoder().encode(result); const hashBuf = await crypto.subtle.digest(algorithm, buf); result = Array.from(new Uint8Array(hashBuf)) .map(b => b.toString(16).padStart(2,"0")) .join(""); return this; }, toString(encoding = "utf8") { if (result instanceof Uint8Array) { if (encoding === "utf8") { return new TextDecoder().decode(result); } else if (encoding === "base64") { return btoa(String.fromCharCode(...result)); } else if (encoding === "hex") { return Array.from(result).map(b=>b.toString(16).padStart(2,"0")).join(""); } } return result; }, raw() { return result instanceof Uint8Array ? result : new TextEncoder().encode(result); } }; }