easycrypt - npm Package Compare versions

Comparing version 0.2.3 to 0.2.4

easycrypt.js

@@ -10,6 +10,4 @@ const crypto = require('crypto');
 
-function ezEncrypt(text) {
-  const salt = genString();
+function _ezEncrypt(text, salt, iv) {
   const finalText = `${text}${salt}`;
-  const iv = genString();
   const cipher = crypto.createCipheriv(algorithm, password, iv);
@@ -21,2 +19,11 @@ const crypted = `${cipher.update(finalText, 'utf8').toString('base64')}${cipher.final('hex').toString('base64')}`;
 
+function ezEncrypt(text) {
+  return _ezEncrypt(text, genString(), genString());
+}
+
+function ezCompare(input, crypted) {
+  const [_, salt, __, iv] = crypted.split(':');
+  return _ezEncrypt(input, salt, iv) === crypted;
+}
+
 function ezDecrypt(crypt) {
@@ -33,2 +40,3 @@ const [crypted, salt, tag, iv] = crypt.split(':'); // eslint-disable-line no-unused-vars
   ezDecrypt,
+  ezCompare,
 };

package.json

 {
   "name": "easycrypt",
-  "version": "0.2.3",
+  "version": "0.2.4",
   "description": "A simple bi-directional salting and encryption system designed for securing authentication tokens.",
@@ -23,3 +23,6 @@ "main": "easycrypt.js",
   ],
-  "files": ["easycrypt.js", "randomstring.js"],
+  "files": [
+    "easycrypt.js",
+    "randomstring.js"
+  ],
   "author": "Alessandro Maclaine",
@@ -26,0 +29,0 @@ "license": "MIT",

README.md

@@ -16,3 +16,2 @@ # EasyCrypt
 ```javascript
-// this is a contrived example
 const { ezDecrypt } = require("easycrypt");
@@ -28,2 +27,10 @@ const encryptedString = database.getEncryptedString(); // get encrypted string
 
+## Validation without decrypting
+```javascript
+const { ezCompare } = require("easycrypt");
+const input = 'Easy';
+
+const crypted = ezEncrypt(input);
+return ezCompare(input, crypted);
+```
 ## Installing
@@ -35,3 +42,3 @@ `npm install easycrypt`
 ### EasyCrypt
-Require exports ezEncrpyt and ezDecrypt.
+Require exports ezEncrpyt, ezDecrypt and ezCompare.
 
@@ -64,3 +71,3 @@ #### Settings
 ```
-Returns an encryption key with four parts separated by colons.
+Returns an encryption string with four parts separated by colons.
 - First Section is the string + a salt encrypted together (x8PNf3Oq/NC/0+wAEvIaYw==)
@@ -76,7 +83,19 @@ - Second Section is the Salt (]RYY9)g6MdD@)
 const { ezEncrypt, ezDecrypt } = require("easycrypt");
-const text = ezEncrypt("Easy");
-console.log(ezDecrypt(text));
+const crypt = ezEncrypt("Easy");
+console.log(ezDecrypt(crypt));
 ```
 Returns the original decrypted string with the salt appended to the end.
 
+##### ezCompare
+
+Performs secure compare. Takes a user input and a previous encryption string returned
+from ezEncrypt. It then encrypts the user input with the same salt and iv from the
+encryption string and compares. The original encrypted string is never decrypted.
+
+```javascript
+const { ezEncrypt, ezCompare } = require("easycrypt");
+const crypt = ezEncrypt("Easy");
+console.log(ezCompare("Easy", crypt));
+```
+
 ## Scripts
@@ -83,0 +102,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

6865

increased by12.99%

Lines of code

46

increased by15%

Number of lines in readme file

108

increased by21.35%

Number of medium supply chain risk alerts

0

decreased by-100%

No dependency changes