UNPKG

xypriss-security

Version:

XyPriss Security is an advanced JavaScript security library designed for enterprise applications. It provides military-grade encryption, secure data structures, quantum-resistant cryptography, and comprehensive security utilities for modern web applicatio

256 lines (253 loc) 7.63 kB
import { PasswordManager } from './password-core.js'; import { PasswordGenerator } from './password-generator.js'; export { PasswordAlgorithm, PasswordSecurityLevel } from './password-types.js'; import '../hash/hash-core.js'; import '../hash/hash-types.js'; import 'crypto'; import '../hash/hash-security.js'; import '../hash/hash-advanced.js'; import '../../algorithms/hash-algorithms.js'; import '../random/random-types.js'; import '../random/random-sources.js'; import 'nehonix-uri-processor'; import '../../utils/memory/index.js'; import '../../types.js'; import '../random/random-security.js'; import 'argon2'; import 'child_process'; import '../../types/secure-memory.js'; import 'https'; import '../../components/runtime-verification.js'; import '../../components/tamper-evident-logging.js'; /* --------------------------------------------------------------------------------------------- * Copyright (c) NEHONIX INC. All rights reserved. * Licensed under the MIT License. See LICENSE in the project root for license information. * ------------------------------------------------------------------------------------------- */ /** * XyPrissSecurity Password Management Module => FPMM * * Modular, military-grade password management system * * @example * ```typescript * import { PasswordManager } from "xypriss-security/core/password"; * * // Create password manager instance * const pm = PasswordManager.getInstance(); * * // Hash a password * const hash = await pm.hash("mySecurePassword123!"); * * // Verify a password * const result = await pm.verify("mySecurePassword123!", hash); * console.log(result.isValid); // true * * // Generate secure password * const generated = pm.generatePassword({ length: 16, minStrengthScore: 90 }); * console.log(generated.password); * * // Migrate from bcrypt * const migration = await pm.migrate("password", bcryptHash); * if (migration.migrated) { * console.log("Successfully migrated to XyPrissSecurity!"); * } * ``` */ const pm = PasswordManager.getInstance(); // ===== CONVENIENCE FUNCTIONS ===== /** * Quick hash function for simple use cases */ async function hashPassword(password, options) { return pm.hash(password, options); } /** * Quick verify function for simple use cases */ async function verifyPassword(password, hash) { const result = await pm.verify(password, hash); return result.isValid; } /** * Quick password generation for simple use cases */ function generateSecurePassword(options) { const pm = PasswordManager.getInstance(); return pm.generatePassword(options); } /** * Quick password strength analysis */ function analyzePasswordStrength(password) { return pm.analyzeStrength(password); } /** * Quick bcrypt migration */ async function migrateBcryptPassword(password, bcryptHash, options) { return pm.migrate(password, bcryptHash, options); } // ===== UTILITY FUNCTIONS ===== /** * Create a configured password manager instance */ function createPasswordManager(config) { return PasswordManager.create(config); } /** * Get default password policy */ function getDefaultPasswordPolicy() { return { minLength: 8, maxLength: 128, requireUppercase: true, requireLowercase: true, requireNumbers: true, requireSymbols: true, minStrengthScore: 70, forbiddenPatterns: [ /^[0-9]+$/, // All numbers /^[a-zA-Z]+$/, // All letters /^(.)\1{2,}$/, // Repeated characters /^(qwerty|asdfgh|zxcvbn)/i, // Keyboard patterns /^(password|admin|user)/i, // Common words ], forbiddenWords: [ "password", "admin", "user", "login", "welcome", "123456", "qwerty", "abc123", "password123", ], }; } /** * Get recommended security configuration */ function getRecommendedConfig() { return { defaultAlgorithm: "argon2id", defaultSecurityLevel: "high", timingSafeVerification: true, secureMemoryWipe: true, enableMigration: true, policy: getDefaultPasswordPolicy(), }; } /** * Get military-grade security configuration */ function getMilitaryConfig() { return { defaultAlgorithm: "military", defaultSecurityLevel: "military", timingSafeVerification: true, secureMemoryWipe: true, enableMigration: true, policy: { ...getDefaultPasswordPolicy(), minLength: 12, minStrengthScore: 90, requireSymbols: true, }, }; } // ===== BCRYPT COMPATIBILITY LAYER ===== /** * bcrypt-compatible hash function * Drop-in replacement for bcrypt.hash() */ async function hash(password, saltRounds = 12) { return pm.hash(password, { algorithm: "bcrypt-plus", iterations: saltRounds * 10000, // Convert rounds to iterations securityLevel: "high", }); } /** * bcrypt-compatible compare function * Drop-in replacement for bcrypt.compare() */ async function compare(password, hash) { // Handle both XyPrissSecurity hashes and legacy bcrypt hashes if (hash.startsWith("$xypriss$")) { return verifyPassword(password, hash); } // For legacy bcrypt hashes, try to use bcrypt library try { const bcrypt = await import('bcrypt').catch(() => null); if (bcrypt) { return await bcrypt.compare(password, hash); } } catch (error) { // Fall back to XyPrissSecurity verification } return verifyPassword(password, hash); } /** * Generate salt (bcrypt compatibility) */ function genSalt(rounds = 12) { // Return a XyPrissSecurity salt identifier return `$xypriss$rounds=${rounds}$`; } // ===== ADVANCED FEATURES ===== /** * Batch password operations */ class PasswordBatch { constructor(config) { this.pm = config ? PasswordManager.create(config) : PasswordManager.getInstance(); } /** * Hash multiple passwords */ async hashMany(passwords, options) { const results = []; for (const password of passwords) { results.push(await this.pm.hash(password, options)); } return results; } /** * Verify multiple passwords */ async verifyMany(passwordHashPairs) { const results = []; for (const { password, hash } of passwordHashPairs) { const result = await this.pm.verify(password, hash); results.push(result.isValid); } return results; } /** * Generate multiple passwords */ generateMany(count, options) { const generator = new PasswordGenerator(this.pm.getConfig()); return generator.generateBatch(count, options); } } // ===== DEFAULT INSTANCE ===== /** * Default password manager instance * Ready to use out of the box */ const defaultPasswordManager = PasswordManager.getInstance(getRecommendedConfig()); // ===== LEGACY SUPPORT ===== /** * Legacy class name for backward compatibility * @deprecated Use PasswordManager instead */ const SecurePasswordManager = PasswordManager; export { PasswordBatch, PasswordGenerator, PasswordManager, SecurePasswordManager, analyzePasswordStrength, compare, createPasswordManager, defaultPasswordManager, genSalt, generateSecurePassword, getDefaultPasswordPolicy, getMilitaryConfig, getRecommendedConfig, hash, hashPassword, migrateBcryptPassword, pm, verifyPassword }; //# sourceMappingURL=index.js.map