@casual-simulation/crypto - npm Package Compare versions

Comparing version 2.0.14 to 2.0.22-alpha.1651045562

Encryption.d.ts

@@ -5,2 +5,9 @@ interface DerivedKey {
 }
+export declare const KEY_LENGTH: number;
+/**
+ * Derives a key from a password and salt.
+ * @param password The pasword to derive the key from.
+ * @param salt The salt to use.
+ * @returns
+ */
 export declare function deriveKey(password: Uint8Array, salt: Uint8Array): DerivedKey;
@@ -7,0 +14,0 @@ /**

Encryption.js

@@ -7,3 +7,9 @@ import { randomBytes, secretbox, box } from 'tweetnacl';
 const PARALLELISM = 1;
-const KEY_LENGTH = secretbox.keyLength;
+export const KEY_LENGTH = secretbox.keyLength;
+/**
+ * Derives a key from a password and salt.
+ * @param password The pasword to derive the key from.
+ * @param salt The salt to use.
+ * @returns
+ */
 export function deriveKey(password, salt) {
@@ -10,0 +16,0 @@ const result = syncScrypt(password, salt, ITERATIONS, BLOCK_SIZE, PARALLELISM, KEY_LENGTH);

HashHelpers.d.ts

@@ -14,2 +14,9 @@ /// <reference types="node" />
 /**
+ * Creates a random password and returns it along with its hash.
+ */
+export declare function createRandomPassword(): {
+    password: string;
+    hash: string;
+};
+/**
  * Hashes the given password using scrypt and returns the result.
@@ -25,2 +32,15 @@ * @param password The password that should be hashed.
 export declare function verifyPassword(password: string, hash: string): boolean;
+/**
+ * Hashes the given password using the given salt and returns the resulting base64 encoded hash.
+ * @param password The password to hash.
+ * @param salt The salt to use for the password. Must be a base64 encoded string.
+ */
+export declare function hashPasswordWithSalt(password: string, salt: string): string;
+/**
+ * Validates that the given password and salt match at least one of the given hashes.
+ * @param password The password to check.
+ * @param salt The base64 encoded salt to use for the password.
+ * @param hashes The hashes that they should match. These hashes should have been produced by hashPasswordWithSalt().
+ */
+export declare function verifyPasswordAgainstHashes(password: string, salt: string, hashes: string[]): boolean;
 //# sourceMappingURL=HashHelpers.d.ts.map

HashHelpers.js

@@ -28,2 +28,14 @@ import { sha256 } from 'hash.js';
 /**
+ * Creates a random password and returns it along with its hash.
+ */
+export function createRandomPassword() {
+    const passwordBytes = randomBytes(16); // 128-bit password
+    const passwordBase64 = fromByteArray(passwordBytes); // convert to human-readable string
+    const hash = hashPassword(passwordBase64);
+    return {
+        password: passwordBase64,
+        hash,
+    };
+}
+/**
  * Hashes the given password using scrypt and returns the result.
@@ -73,2 +85,53 @@ * @param password The password that should be hashed.
 }
+/**
+ * Hashes the given password using the given salt and returns the resulting base64 encoded hash.
+ * @param password The password to hash.
+ * @param salt The salt to use for the password. Must be a base64 encoded string.
+ */
+export function hashPasswordWithSalt(password, salt) {
+    if (!password) {
+        throw new Error('Invalid password. Must not be null or undefined.');
+    }
+    if (!salt) {
+        throw new Error('Invalid salt. Must not be null or undefined.');
+    }
+    const textEncoder = new TextEncoder();
+    const passwordBytes = textEncoder.encode(password);
+    const saltBytes = toByteArray(salt);
+    const hashBytes = deriveKey(passwordBytes, saltBytes);
+    return `vH1.${fromByteArray(hashBytes.hash)}`;
+}
+/**
+ * Validates that the given password and salt match at least one of the given hashes.
+ * @param password The password to check.
+ * @param salt The base64 encoded salt to use for the password.
+ * @param hashes The hashes that they should match. These hashes should have been produced by hashPasswordWithSalt().
+ */
+export function verifyPasswordAgainstHashes(password, salt, hashes) {
+    if (!password) {
+        throw new Error('Invalid password. Must not be null or undefined.');
+    }
+    if (!salt) {
+        throw new Error('Invalid salt. Must not be null or undefined.');
+    }
+    if (!hashes) {
+        throw new Error('Invalid hashes. Must not be null or undefined.');
+    }
+    hashes = hashes.filter((h) => h.startsWith('vH1.'));
+    if (hashes.length <= 0) {
+        throw new Error('Invalid hashes. Must contain at least one valid hash.');
+    }
+    const textEncoder = new TextEncoder();
+    const passwordBytes = textEncoder.encode(password);
+    const saltBytes = toByteArray(salt);
+    const passwordHash = deriveKey(passwordBytes, saltBytes);
+    const passwordHashBase64 = fromByteArray(passwordHash.hash);
+    for (const hash of hashes) {
+        const withoutVersion = hash.slice('vH1.'.length);
+        if (withoutVersion === passwordHashBase64) {
+            return true;
+        }
+    }
+    return false;
+}
 //# sourceMappingURL=HashHelpers.js.map

package.json

 {
     "name": "@casual-simulation/crypto",
-    "version": "2.0.14",
+    "version": "2.0.22-alpha.1651045562",
     "description": "Crypto helpers used by AUX",
@@ -50,3 +50,3 @@ "keywords": [
     },
-    "gitHead": "8cc25d581a903ea0684168b4821d5faaccdf446e"
+    "gitHead": "874f0a46dad3edeb703965575a0a97129ae6746c"
 }

New alerts

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

75662

increased by7.71%

Lines of code

1268

increased by8.19%

Worsened metrics

Number of low quality alerts

1

increased byInfinity%

No dependency changes