UNPKG

poly-crypto

Version:

High-level cryptographic functions that are interoperable between NodeJS and PHP 7.1+.

github.com/kensnyder/poly-crypto

kensnyder/poly-crypto

395 lines (392 loc) 13.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
// Generated by dts-bundle-generator v9.5.1 export type SupportedDigestAlgos = "md5" | "sha1" | "sha256" | "sha512"; export interface BcryptInfoInterface { valid: boolean; version?: string; cost?: number; salt?: string; hash?: string; } export type AesEncodings = "base64" | "hex" | "bin"; /** * Service for encrypting and decrypting data with AES-256 GCM * Compatible with PHP's openssl_encrypt() * @example * // store hexKey in a secure parameter store * const hexKey = '64-char hex encoded string from secure param store'; * const encrypted = PolyAES.withKey(hexKey).encrypt(data); * const decrypted = PolyAES.withKey(hexKey).decrypt(encrypted); * * const password = 'User-supplied password'; * const salt = 'System-supplied salt 8+ characters long'; * const encrypted = PolyAES.withPassword(password, salt).encrypt(data); * const decrypted = PolyAES.withPassword(password, salt).decrypt(encrypted); */ export declare class PolyAES { /** * Error message when key is not in correct format */ static KEY_FORMAT_ERROR: string; /** * Error message when salt is too short */ static SALT_SIZE_ERROR: string; /** * Error message when encoding is set to an invalid value */ static ENCODING_ERROR: string; /** * Default value for this._encoding */ static DEFAULT_ENCODING: AesEncodings; private readonly _key; private _encoding; /** * Static function to return new Crypto instance * @param hexKey The 256-bit key in hexadecimal (should be 64 characters) * @chainable */ static withKey(hexKey: string): PolyAES; /** * Return new Crypto instance with the given user-supplied password * @param password The password from the user * @param salt An application secret salt * @param [numIterations=10000] The number of iterations for the PBKDF2 hash * @chainable */ static withPassword(password: string, salt: string, numIterations?: number): PolyAES; /** * Instantiate using a binary key * @param {util.ByteStringBuffer} binKey The encryption key in binary * @throws {Error} If PolyAES.DEFAULT_ENCODING is invalid */ constructor(binKey: string); /** * After encryption, use base64 encoding, hexadecimal or binary * @param encoding One of: base64, hex, bin * @chainable */ setEncoding(encoding: AesEncodings): PolyAES; /** * Get the current encoding type * @return One of: base64, hex, bin */ getEncoding(): string; /** * Encode encrypted bytes using the current encoding * @param bin The ciphertext in binary * @return The encoded ciphertext * @private */ _binToStr(bin: string): string; /** * Decode encrypted bytes using the current encoding * @param str The encoded ciphertext * @return The ciphertext in binary * @private */ _strToBin(str: string): string; /** * Encrypt the given data * @param data The string to encrypt * @note The first 32 characters of output will be the IV (128 bits in hexadecimal) */ encrypt(data: string): string; /** * Decrypt the given data * @param data Data encrypted with AES-256 CBC mode * @note The first 32 characters must be the hex-encoded IV */ decrypt(data: string): string; /** * Generate a key to use with PolyAES.withKey() * @param length The character length of the key * @return The key in hexadecimal */ static generateKey(length?: number): string; /** * Generate salt to use with PolyAES.withPassword() * @param length The character length of the salt * @return The salt in hexadecimal */ static generateSalt(length?: number): string; /** * Convert a JavaScript string into binary for encryption * @param data The regular JavaScript string * @see https://coolaj86.com/articles/javascript-and-unicode-strings-how-to-deal/ * @private */ _utf8ToBin(data: string): string; /** * Convert binary to a JavaScript string after decryption * @param data The regular JavaScript string * @see https://coolaj86.com/articles/javascript-and-unicode-strings-how-to-deal/ * @private */ _binToUtf8(data: string): string; } /** * Functions to hash and verify passwords using bcrypt */ export declare const PolyBcrypt: { /** * Exception message when password is too long */ LENGTH_ERROR: string; /** * Exception message when compute cost is out of range */ COST_ERROR: string; /** * Hash a password using bcrypt * @param password The password to hash * @param cost The compute cost (a logarithmic factor) between 4 and 31 * @throws Error When password is too long or cost is out of range */ hash(password: string, cost?: number): string; /** * Verify that the given password matches the given hash * @param password The password to check * @param hash The hash the password should match * @return True if password is correct */ verify(password: string, hash: string): boolean; /** * Get information about the given hash including version and cost * @param hash The hash to parse */ info(hash: string): BcryptInfoInterface; }; /** * Class to convert numbers between bases using arbitrary alphabets */ export declare class PolyConvert { /** * Error message when base is invalid */ BASE_ERROR: string; /** * Error message when input is empty */ EMPTY_ERROR: string; /** * Error message when input digit is invalid */ INVALID_DIGIT_ERROR: string; /** * The alphabet to use for conversion */ alphabet: string; /** * Create a new PolyConvert instance given an alphabet * @param alphabet */ constructor(alphabet?: string); /** * Ensure that the string number has both upper and lower case characters * @param digits The string base * @param maxBase The base that will be used for conversion */ ensureCasing: (digits: string, maxBase: number) => string; /** * Validate the fromBase abd toBase values are within the alphabet range * @param fromBase Must be between 2 and the alphabet length * @param toBase Must be between 2 and the alphabet length * @throws Error If fromBase or toBase are invalid */ validateBase: (fromBase: number, toBase: number) => void; /** * Convert an array of BigInt digits from one base to another * @param bigintDigits The input array of BigInt digits * @param fromBase The input's base * @param toBase The output's base */ convertArray: (bigintDigits: bigint[], fromBase: number, toBase: number) => bigint[]; /** * Convert a number from one base to another * @param input The number to convert * @param fromBase The input's base * @param toBase The output's base * @throws Error If a base is invalid or the input contains invalid digits */ applyBase: (input: string | number | BigInt, fromBase: number, toBase: number) => string; /** * Convert a Uint8Array to a string number * @param input The incoming Uint8Array * @param toBase The base to convert to * @throws Error If target base is invalid */ fromBytes: (input: Uint8Array, toBase: number) => string; /** * Convert a string number to a Uint8Array * @param input The incoming string number * @param fromBase The base of the incoming number * @throws Error If incoming number base is invalid */ toBytes: (input: string, fromBase: number) => Uint8Array; /** * Substitute characters in a string from one alphabet to another * @param input The input string * @param fromAlphabet The alphabet of the input * @param toAlphabet The alphabet to convert to */ static substitute: (input: string, fromAlphabet: string, toAlphabet: string) => string; /** * Rotate characters 13 places in the alphabet (ROT13 substitution cipher) * @param input */ static rot13: (input: string) => string; /** * Static method to convert a number from one base to another with the default alphabet * @param input The string number * @param fromBase The base of the input number * @param toBase The base to convert to * @throws Error If a base is invalid or the input contains invalid digits */ static base: (input: string | number | BigInt, fromBase: number, toBase: number) => string; /** * Static method to substitute the given alphabet then convert a number to the given base * @param fromAlphabet * @param input * @param toBase * @throws Error If a base is invalid or the input contains invalid digits */ static _from: (fromAlphabet: string, input: string, toBase: number) => string; /** * Static method to convert a number from one base to another then convert to the given alphabet * @param toAlphabet * @param input * @param fromBase * @throws Error If a base is invalid or the input contains invalid digits */ static _to: (toAlphabet: string, input: string | number | BigInt, fromBase: number) => string; /** * Convert a number from the fax alphabet to another base (in the standard alphabet) * @param input The input string, in fax alphabet * @param toBase The base to convert to * @throws Error If a base is invalid or the input contains invalid digits */ static fromFax: (input: string, toBase: number) => string; /** * Convert a string number in the given base into the fax alphabet * @param input The input string number * @param fromBase The base of the input number * @throws Error If a base is invalid or the input contains invalid digits */ static toFax: (input: string | number | BigInt, fromBase: number) => string; /** * Convert a number from the slug alphabet to another base (in the standard alphabet) * @param input The input string, in slug alphabet * @param toBase The base to convert to * @throws Error If a base is invalid or the input contains invalid digits */ static fromSlug: (input: string, toBase: number) => string; /** * Convert a string number in the given base into the slug alphabet * @param input The input string number * @param fromBase The base of the input number * @throws Error If a base is invalid or the input contains invalid digits */ static toSlug: (input: string | number | BigInt, fromBase: number) => string; /** * Convert a number from the canonical base64 alphabet to another base (in the standard alphabet) * @param input The input string, in canonical base64 alphabet * @param toBase The base to convert to * @throws Error If a base is invalid or the input contains invalid digits */ static from64: (input: string, toBase: number) => string; /** * Convert a string number in the given base into the canonical base64 alphabet * @param input The input string number * @param fromBase The base of the input number * @throws Error If a base is invalid or the input contains invalid digits */ static to64: (input: string | number | BigInt, fromBase: number) => string; } /** * Calculate digests of strings */ export declare const PolyDigest: { /** * Calculate the md5 digest of a string * @param data The string to digest * @return The digest in hexadecimal */ md5(data: string): string; /** * Calculate the sha1 digest of a string * @param data The string to digest * @return The digest in hexadecimal */ sha1(data: string): string; /** * Calculate the sha256 digest of a string * @param data The string to digest * @return The digest in hexadecimal */ sha256(data: string): string; /** * Calculate the sha512 digest of a string * @param data The string to digest * @return The digest in hexadecimal */ sha512(data: string): string; /** * Private function to calculate digests for the given algorithm * @param algo An algorithm on the forge.md namespace * @param data The string to digest * @return The digest in hexadecimal * @private */ _digest(algo: SupportedDigestAlgos, data: string): string; }; /** * Methods to generate random strings */ export declare const PolyRand: { /** * {String} Error message to throw when symbol list is too big or small */ SYMBOL_LIST_ERROR: string; /** * {Array} The list of symbols to use for slug() */ SLUG_SYMBOL_LIST: string[]; /** * {Array} The list of symbols to use for fax() */ FAX_SYMBOL_LIST: string[]; /** * Create a string of the given length with random bytes * @param length The desired length */ bytes(length: number): string; /** * Create a string of the given length with hexidecimal characters * @param length The desired length */ hex(length: number): string; /** * Create a string of the given length with numbers, letters, but no vowels * @param length The desired length */ slug(length: number): string; /** * Create a string of the given length with numbers and lowercase letters that are unambiguious when written down * @param length The desired length */ fax(length: number): string; /** * Create a random string of the given length limited to the given symbols * @param length The desired length * @param symbolList An array of characters to use * @throws {Error} if size of symbolList is not between 2 and 256 */ string(length: number, symbolList: String[]): string; /** * Use cryptographic randomness to generate a uuid v4 * @return string */ uuidv4(): string; }; export {};