encryptionpackage - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

encryption.js

 // encryption.js
 
-// Encryption using Web Crypto API
-export async function encrypt(text, key) {
+// Helper function to derive a key from a passphrase
+async function deriveKey(passphrase) {
     const encoder = new TextEncoder();
-    const encodedKey = encoder.encode(key);
+    const keyMaterial = await crypto.subtle.importKey(
+        'raw',
+        encoder.encode(passphrase),
+        { name: 'PBKDF2' },
+        false,
+        ['deriveBits']
+    );
 
-    // Generate a key from the passphrase (symmetric key)
-    const cryptoKey = await crypto.subtle.importKey(
-        'raw',
-        encodedKey,
+    // Derive a 256-bit AES key
+    const key = await crypto.subtle.deriveKey(
+        {
+            name: 'PBKDF2',
+            salt: crypto.getRandomValues(new Uint8Array(16)), // Random salt for security
+            iterations: 100000,
+            hash: 'SHA-256'
+        },
+        keyMaterial,
         { name: 'AES-CBC', length: 256 },
-        false,
+        true,
         ['encrypt', 'decrypt']
     );
 
-    const iv = crypto.getRandomValues(new Uint8Array(16));
+    return key;
+}
 
+// Encryption using Web Crypto API
+export async function encrypt(text, passphrase) {
+    const encoder = new TextEncoder();
+    const cryptoKey = await deriveKey(passphrase); // Derive key from passphrase
+
+    const iv = crypto.getRandomValues(new Uint8Array(16)); // Generate random IV
+
     // Encrypt the text
@@ -33,12 +52,5 @@ const encrypted = await crypto.subtle.encrypt(
 // Decryption using Web Crypto API
-export async function decrypt(encryptedData, key) {
+export async function decrypt(encryptedData, passphrase) {
     const decoder = new TextDecoder();
-    const encodedKey = new TextEncoder().encode(key);
-    const cryptoKey = await crypto.subtle.importKey(
-        'raw',
-        encodedKey,
-        { name: 'AES-CBC', length: 256 },
-        false,
-        ['encrypt', 'decrypt']
-    );
+    const cryptoKey = await deriveKey(passphrase); // Derive key from passphrase
 
@@ -45,0 +57,0 @@ const iv = new Uint8Array(encryptedData.iv);

package.json

 {
   "name": "encryptionpackage",
-  "version": "1.0.1", 
+  "version": "1.0.2",
   "main": "encryption.js",
-  "module": "encryption.js", 
-  "type": "module", 
+  "module": "encryption.js",
+  "type": "module",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "node test.js"
   },
-  "keywords": ["encryption", "decryption", "aes-256-cbc", "webcrypto", "browser", "cdn"],
+  "keywords": [
+    "encryption",
+    "decryption",
+    "aes-256-cbc",
+    "webcrypto",
+    "browser",
+    "cdn"
+  ],
   "author": "Dhwani Upadhyay",
-  "license": "ISC"
+  "license": "ISC",
+  "dependencies": {
+    "encryptionpackage": "file:"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

3988

increased by16.92%

Lines of code

62

increased by19.23%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Dependency count

1

increased byInfinity%

Dependency changes

• + Addedencryptionpackage@file: