eciesjs - npm Package Compare versions

Comparing version 0.4.0 to 0.4.1

dist/consts.d.ts

@@ -0,6 +1,6 @@
+export declare const COMPRESSED_PUBLIC_KEY_SIZE = 33;
 export declare const UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;
-export declare const AES_IV_LENGTH = 16;
-export declare const AES_TAG_LENGTH = 16;
-export declare const AES_IV_PLUS_TAG_LENGTH: number;
+export declare const ETH_PUBLIC_KEY_SIZE = 64;
 export declare const SECRET_KEY_LENGTH = 32;
 export declare const ONE: bigint;
+export declare const AEAD_TAG_LENGTH = 16;

dist/consts.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ONE = exports.SECRET_KEY_LENGTH = exports.AES_IV_PLUS_TAG_LENGTH = exports.AES_TAG_LENGTH = exports.AES_IV_LENGTH = exports.UNCOMPRESSED_PUBLIC_KEY_SIZE = void 0;
+exports.AEAD_TAG_LENGTH = exports.ONE = exports.SECRET_KEY_LENGTH = exports.ETH_PUBLIC_KEY_SIZE = exports.UNCOMPRESSED_PUBLIC_KEY_SIZE = exports.COMPRESSED_PUBLIC_KEY_SIZE = void 0;
+exports.COMPRESSED_PUBLIC_KEY_SIZE = 33;
 exports.UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;
-exports.AES_IV_LENGTH = 16;
-exports.AES_TAG_LENGTH = 16;
-exports.AES_IV_PLUS_TAG_LENGTH = exports.AES_IV_LENGTH + exports.AES_TAG_LENGTH;
+exports.ETH_PUBLIC_KEY_SIZE = 64;
 exports.SECRET_KEY_LENGTH = 32;
 exports.ONE = BigInt(1);
+exports.AEAD_TAG_LENGTH = 16;

dist/index.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.utils = exports.PublicKey = exports.PrivateKey = exports.decrypt = exports.encrypt = void 0;
-var consts_1 = require("./consts");
+var config_1 = require("./config");
 var keys_1 = require("./keys");
@@ -14,3 +14,8 @@ var utils_1 = require("./utils");
     var encrypted = (0, utils_1.aesEncrypt)(aesKey, msg);
-    return Buffer.concat([ephemeralKey.publicKey.uncompressed, encrypted]);
+    if ((0, config_1.isEphemeralKeyCompressed)()) {
+        return Buffer.concat([ephemeralKey.publicKey.compressed, encrypted]);
+    }
+    else {
+        return Buffer.concat([ephemeralKey.publicKey.uncompressed, encrypted]);
+    }
 }
@@ -22,4 +27,5 @@ exports.encrypt = encrypt;
         : keys_1.PrivateKey.fromHex(receiverRawSK);
-    var senderPubkey = new keys_1.PublicKey(msg.subarray(0, consts_1.UNCOMPRESSED_PUBLIC_KEY_SIZE));
-    var encrypted = msg.subarray(consts_1.UNCOMPRESSED_PUBLIC_KEY_SIZE);
+    var keySize = (0, config_1.ephemeralKeySize)();
+    var senderPubkey = new keys_1.PublicKey(msg.subarray(0, keySize));
+    var encrypted = msg.subarray(keySize);
     var aesKey = senderPubkey.decapsulate(receiverSK);
@@ -26,0 +32,0 @@ return (0, utils_1.aesDecrypt)(aesKey, encrypted);

dist/keys/PrivateKey.d.ts

@@ -10,4 +10,4 @@ /// <reference types="node" />
     encapsulate(pub: PublicKey): Buffer;
-    multiply(pub: PublicKey): Buffer;
+    multiply(pub: PublicKey, compressed?: boolean): Buffer;
     equals(other: PrivateKey): boolean;
 }

dist/keys/PrivateKey.js

@@ -6,5 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-var secp256k1_1 = require("@noble/curves/secp256k1");
-var hkdf_1 = require("@noble/hashes/hkdf");
-var sha256_1 = require("@noble/hashes/sha256");
+var config_1 = require("../config");
 var utils_1 = require("../utils");
@@ -14,7 +12,7 @@ var PublicKey_1 = __importDefault(require("./PublicKey"));
     function PrivateKey(secret) {
-        this.secret = secret || (0, utils_1.getValidSecret)();
-        if (!secp256k1_1.secp256k1.utils.isValidPrivateKey(this.secret)) {
+        this.secret = secret === undefined ? (0, utils_1.getValidSecret)() : secret;
+        if (!(0, utils_1.isValidPrivateKey)(this.secret)) {
             throw new Error("Invalid private key");
         }
-        this.publicKey = new PublicKey_1.default(Buffer.from(secp256k1_1.secp256k1.getPublicKey(this.secret)));
+        this.publicKey = new PublicKey_1.default((0, utils_1.getPublicKey)(this.secret));
     }
@@ -28,7 +26,14 @@ PrivateKey.fromHex = function (hex) {
     PrivateKey.prototype.encapsulate = function (pub) {
-        var master = Buffer.concat([this.publicKey.uncompressed, this.multiply(pub)]);
-        return Buffer.from((0, hkdf_1.hkdf)(sha256_1.sha256, master, undefined, undefined, 32));
+        var master;
+        if ((0, config_1.isHkdfKeyCompressed)()) {
+            master = Buffer.concat([this.publicKey.compressed, this.multiply(pub, true)]);
+        }
+        else {
+            master = Buffer.concat([this.publicKey.uncompressed, this.multiply(pub, false)]);
+        }
+        return (0, utils_1.deriveKey)(master);
     };
-    PrivateKey.prototype.multiply = function (pub) {
-        return Buffer.from(secp256k1_1.secp256k1.getSharedSecret(this.secret, pub.compressed, false));
+    PrivateKey.prototype.multiply = function (pub, compressed) {
+        if (compressed === void 0) { compressed = false; }
+        return (0, utils_1.getSharedPoint)(this.secret, pub.compressed, compressed);
     };
@@ -35,0 +40,0 @@ PrivateKey.prototype.equals = function (other) {

dist/keys/PublicKey.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-var secp256k1_1 = require("@noble/curves/secp256k1");
-var hkdf_1 = require("@noble/hashes/hkdf");
-var sha256_1 = require("@noble/hashes/sha256");
+var config_1 = require("../config");
 var consts_1 = require("../consts");
@@ -10,8 +8,8 @@ var utils_1 = require("../utils");
     function PublicKey(buffer) {
-        this.uncompressed = Buffer.from(secp256k1_1.secp256k1.getSharedSecret(consts_1.ONE, buffer, false));
-        this.compressed = Buffer.from(secp256k1_1.secp256k1.getSharedSecret(consts_1.ONE, buffer, true));
+        this.uncompressed = (0, utils_1.getSharedPoint)(consts_1.ONE, buffer, false);
+        this.compressed = (0, utils_1.getSharedPoint)(consts_1.ONE, buffer, true);
     }
     PublicKey.fromHex = function (hex) {
         var decoded = (0, utils_1.decodeHex)(hex);
-        if (decoded.length === consts_1.UNCOMPRESSED_PUBLIC_KEY_SIZE - 1) {
+        if (decoded.length === consts_1.ETH_PUBLIC_KEY_SIZE) {
             // eth public key
@@ -34,4 +32,10 @@ var prefix = Buffer.from([0x04]);
     PublicKey.prototype.decapsulate = function (priv) {
-        var master = Buffer.concat([this.uncompressed, priv.multiply(this)]);
-        return Buffer.from((0, hkdf_1.hkdf)(sha256_1.sha256, master, undefined, undefined, 32));
+        var master;
+        if ((0, config_1.isHkdfKeyCompressed)()) {
+            master = Buffer.concat([this.compressed, priv.multiply(this, true)]);
+        }
+        else {
+            master = Buffer.concat([this.uncompressed, priv.multiply(this, false)]);
+        }
+        return (0, utils_1.deriveKey)(master);
     };
@@ -38,0 +42,0 @@ PublicKey.prototype.equals = function (other) {

package.json

@@ -10,2 +10,5 @@ {
   },
+  "engines": {
+    "node": ">=16.0.0"
+  },
   "keywords": [
@@ -33,3 +36,3 @@ "secp256k1",
   },
-  "version": "0.4.0",
+  "version": "0.4.1",
   "dependencies": {
@@ -40,5 +43,5 @@ "@noble/curves": "^1.1.0"
     "@types/jest": "^29.5.2",
-    "@types/node": "^20.3.2",
+    "@types/node": "^20.4.2",
     "axios": "^1.4.0",
-    "jest": "^29.5.0",
+    "jest": "^29.6.1",
     "ts-jest": "^29.1.0",
@@ -45,0 +48,0 @@ "ts-node": "^10.9.1",

README.md

@@ -92,37 +92,27 @@ # eciesjs
 
-## Release Notes
+## Configuration
 
-### 0.4.0
+Ephemeral key format in the payload and shared key in the key derivation can be configured as compressed or uncompressed format.
 
-- Change secp256k1 library to [noble-curves](https://github.com/paulmillr/noble-curves), which is [audited](https://github.com/paulmillr/noble-curves/tree/main/audit)
-- Change hash library to [noble-hashes](https://github.com/paulmillr/noble-hashes)
-- Change test library to [jest](https://jestjs.io/)
-- Bump dependencies
-- Drop Node 14 support
+```ts
+class Config {
+  isEphemeralKeyCompressed: boolean = false;
+  isHkdfKeyCompressed: boolean = false;
+  symmetricAlgorithm: Algorithm = "aes-256-gcm"; // currently we only support aes-256-gcm
+  symmetricNonceLength: NonceLength = 16;
+}
 
-### 0.3.1 ~ 0.3.17
+export const ECIES_CONFIG = new Config();
+```
 
-- Support Node 18, 20
-- Drop Node 10, 12 support
-- Bump dependencies
-- Update documentation
-- Extract constant variables and rename some parameters
+For example, if you set `isEphemeralKeyCompressed = true`, the payload would be like: `33 Bytes + AES` instead of `65 Bytes + AES`.
 
-### 0.3.0
+If you set `isHkdfKeyCompressed = true`, the hkdf key would be derived from `ephemeral public key (compressed) + shared public key (compressed)` instead of `ephemeral public key (uncompressed) + shared public key (uncompressed)`.
 
-- API change: `encrypt/decrypt` now can take both hex `string` and `Buffer`
+If you set `symmetricNonceLength = 12`, then the nonce of aes-256-gcm would be 12 bytes.
 
-### 0.2.0
+For compatibility, make sure different applications share the same configuration.
 
-- API change: use `HKDF-sha256` to derive shared keys instead of `sha256`
-- Bump dependencies
-- Update documentation
+## Changelog
 
-### 0.1.1 ~ 0.1.5
-
-- Bump dependencies
-- Update documentation
-
-### 0.1.0
-
-- First beta version release
+See [CHANGELOG.md](./CHANGELOG.md)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

20336

increased by34.42%

Number of package files

23

increased by53.33%

Lines of code

343

increased by53.13%

Worsened metrics

Number of lines in readme file

118

decreased by-7.81%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes