Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@burstjs/crypto
Advanced tools
Cryptographic functions for building Burstcoin apps.
burstJS can be used with NodeJS or Web. Two formats are available
Install using npm:
npm install @burstjs/crypto
or using yarn:
yarn add @burstjs/crypto
import {encryptAES, decryptAES, hashSHA256} from '@burstjs/crypto'
const encrypted = encryptAES('test', 'key')
const decrypted = decryptAES(encrypted, 'key')
console.log(hashSHA256('test'))
console.log(decrypted)
<script>
Each package is available as bundled standalone library using IIFE.
This way burstJS can be used also within <script>
-Tags.
This might be useful for Wordpress and/or other PHP applications.
Just import the package using the HTML <script>
tag.
<script src='https://cdn.jsdelivr.net/npm/@burstjs/crypto/dist/burstjs.crypto.min.js'></script>
const encrypted = b$crypto.encryptAES("test", "key");
const decrypted = b$crypto.decryptAES(encrypted, "key");
console.log(b$crypto.hashSHA256("test"));
console.log(decrypted);
See more here:
@burstjs/crypto Online Documentation
Decrypt an encrypted message
Decrypts an encrypted cipher text
Decrypts an encrypted Message
Symmetrically encrypts a text using an arbitrary key
Encrypts arbitrary data for P2P message/data exchange using asymmetric encryption
Encrypts arbitrary message (UTF-8 compatible) for P2P message/data exchange using asymmetric encryption
Generate the Master Public Key and Master Private Keys for a new passphrase
Generate a signature for a transaction
Method:
s = sign(sha256(sha256(transactionHex)_keygen(sha256(sha256(transactionHex)_privateKey)).publicKey),
sha256(sha256(transactionHex)_privateKey),
privateKey)
p = sha256(sha256(transactionHex)_keygen(sha256(transactionHex_privateKey)).publicKey)
Generates a signed message digest, which can be sent to BRS API then
Convert hex string of the public key to the account id
Hash string into hex string
A secure random passphrase generator
Verify a signature for given message
* h1 = sha256(sha256(transactionHex)_keygen(sha256(transactionHex_privateKey)).publicKey)
==
sha256(sha256(transactionHex)_verify(v, h1, publickey)) = h2
A set of useful converter methods for crypto operations.
Original work Copyright (c) 2018 PoC-Consortium Modified work Copyright (c) 2019 Burst Apps Team
Original work Copyright (c) 2018 PoC-Consortium Modified work Copyright (c) 2019 Burst Apps Team
Decrypt an encrypted message
Returns:
The decrypted content
[[encryptAES]]
Param | Description |
---|---|
encryptedBase64 | encrypted data in base64 format |
key | The secret key |
Decrypts an encrypted cipher text
Returns:
The original plain text
Param | Description |
---|---|
encryptedData | The encrypted data |
senderPublicKeyHex | The senders public key in hex format |
recipientPrivateKeyHex | The recipients private (agreement) key in hex format |
Decrypts an encrypted Message
Returns:
The original message
Param | Description |
---|---|
encryptedMessage | The encrypted message |
senderPublicKeyHex | The senders public key in hex format |
recipientPrivateKeyHex | The recipients private (agreement) key in hex format |
Symmetrically encrypts a text using an arbitrary key
Returns:
The encrypted message as Base64 string
[[decryptAES]]
Param | Description |
---|---|
text | The message/text to be encrypted |
key | The key used |
Encrypts arbitrary data for P2P message/data exchange using asymmetric encryption
Returns:
The encrypted Data
[[decryptData]]
Param | Description |
---|---|
plaintext | Data to be encrypted |
recipientPublicKeyHex | The recipients public key in hexadecimal format |
senderPrivateKeyHex | The senders private (agreement) key hexadecimal format |
Encrypts arbitrary message (UTF-8 compatible) for P2P message/data exchange using asymmetric encryption
Returns:
The encrypted Message
[[decryptMessage]]
Param | Description |
---|---|
plaintext | Message to be encrypted |
recipientPublicKeyHex | The recipients public key hexadecimal format |
senderPrivateKeyHex | The senders private (agreement) key hexadecimal format |
Generate the Master Public Key and Master Private Keys for a new passphrase
Returns:
EC-KCDSA sign key pair + agreement key
Param | Description |
---|---|
passPhrase | The passphrase |
Generate a signature for a transaction
Method:
s = sign(sha256(sha256(transactionHex)_keygen(sha256(sha256(transactionHex)_privateKey)).publicKey),
sha256(sha256(transactionHex)_privateKey),
privateKey)
p = sha256(sha256(transactionHex)_keygen(sha256(transactionHex_privateKey)).publicKey)
Returns:
The signature in hexadecimal format
Param | Description |
---|---|
messageHex | The data in hexadecimal representation |
privateKey | The private key for signing |
Generates a signed message digest, which can be sent to BRS API then
Returns:
The signed message digest
Param | Description |
---|---|
unsignedTransactionHex | The unsigned message |
signature | The signature |
Convert hex string of the public key to the account id
Returns:
The numeric account Id
Param | Description |
---|---|
publicKey | The public key |
Returns:
A decimal string
Param | Description |
---|---|
s | A hexadecimal string |
Hash string into hex string
Returns:
the hash for that string in hex format
Param | Description |
---|---|
input | An arbitrary text |
A secure random passphrase generator
Note: For secure randomization seedrandom is used.
Verify a signature for given message
* h1 = sha256(sha256(transactionHex)_keygen(sha256(transactionHex_privateKey)).publicKey)
==
sha256(sha256(transactionHex)_verify(v, h1, publickey)) = h2
Returns:
true, if signature is valid, otherwise false
[[generateSignature]]
Param | Description |
---|---|
signature | The signature to be verified |
messageHex | The message data in hexadecimal representation |
publicKey | The public key |
A set of useful converter methods for crypto operations.
Original work Copyright (c) 2018 PoC-Consortium Modified work Copyright (c) 2019 Burst Apps Team
Original work Copyright (c) 2018 PoC-Consortium Modified work Copyright (c) 2019 Burst Apps Team
Kind: global constant
FAQs
Cryptographic functions for building Burstcoin apps.
The npm package @burstjs/crypto receives a total of 18 weekly downloads. As such, @burstjs/crypto popularity was classified as not popular.
We found that @burstjs/crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.