@stellar-fox/cryptops

Crypto building blocks.

License:
  • Apache-2.0
Source:

Members

(inner, constant) version :String

Library version.

Source:
Type:
  • String

Methods

(inner) aesDecrypt(key, ciphertext) → {Uint8Array}

Symmetric aes256 decryption in counter mode (CTR). Uses crypto-browserify implementation.

Source:
See:
Parameters:
Name Type Description
key Uint8Array

Decryption key.
ciphertext Uint8Array

A content to decrypt.
Returns:
Type:
Uint8Array

Decrypted message.

(inner) aesEncrypt(key, message) → {Uint8Array}

Symmetric aes256 encryption in counter mode (CTR). Uses crypto-browserify implementation.

Source:
See:
Parameters:
Name Type Description
key Uint8Array

Encryption key.
message Uint8Array

A content to encrypt.
Returns:
Type:
Uint8Array

Initialization Vector concatenated with Ciphertext.

(inner) aesNonce() → {Uint8Array}

Generate nonce suitable to use with aesEncrypt/aesDecrypt functions.

Source:
Returns:
Type:
Uint8Array

(inner) decodeUUID(uuid) → {Object}

Extract timestamp, user agent id and random component from given uuid, which was generated using genUUID().

Source:
Parameters:
Name Type Description
uuid Uint8Array
Returns:
Type:
Object

(inner) decrypt(key, ciphertext) → {Uint8Array|Null}

Double-cipher (aes/salsa) decryption with poly1305 MAC. Uses dchest/tweetnacl-js "secretbox" for xsalsa20-poly1305 and crypto-browserify for aes-256-ctr decryption. Inspired by keybase.io/triplesec.

Algorithm:

  1. [encdec.MAGIC + encdec.VERSION] part of ciphertext is checked
  2. [salsaNonce + salsaCiphertext] is being decrypted with aes-256-ctr using last 32 bytes of key and aesNonce from [aesNonce + aesCiphertext] part of ciphertext
  3. message is being decrypted with xsalsa20 using first 32 bytes of key and salsaNonce from [salsaNonce + salsaCiphertext]
  4. If salsa-decryption succeeded then message is returned, otherwise null.
Source:
See:
Parameters:
Name Type Description
key Uint8Array

512 bits (64 bytes) decryption key.
ciphertext Uint8Array

A content to decrypt.
Returns:
Type:
Uint8Array | Null

byte representation of a decrypted content or null if decryption is not possible.

(async, inner) deriveKey(passopt, saltopt, optsopt) → {Promise.<Uint8Array>}

Password-based key-derivation. Uses scrypt implemented in ricmoo/scrypt-js.

Source:
See:
Parameters:
Name Type Attributes Default Description
pass Uint8Array <optional>
 Uint8Array.from([])

A password to derive key.
salt Uint8Array <optional>
 (new Uint8Array(32)).fill(0)
opts KeyDerivationOptions <optional>
 {}

@see KeyDerivationOptions
Returns:
Type:
Promise.<Uint8Array>

(inner) encrypt(key, message) → {Uint8Array}

Double-cipher (salsa/aes) encryption with poly1305 MAC. Uses dchest/tweetnacl-js "secretbox" for xsalsa20-poly1305 and crypto-browserify for aes-256-ctr encryption. Inspired by keybase.io/triplesec.

Algorithm:

  1. salsaNonce is created
  2. message is being encrypted with xsalsa20 using first 32 bytes of key and salsaNonce producing [salsaNonce + salsaCiphertext]
  3. aesNonce is created
  4. [salsaNonce + salsaCiphertext] is being encrypted with aes-256-ctr using last 32 bytes of key and aesNonce producing [aesNonce + aesCiphertext]
  5. [encdec.MAGIC + encdec.VERSION + aesNonce + aesCiphertext] is returned as an Uint8Array result
Source:
See:
Parameters:
Name Type Description
key Uint8Array

512 bits (64 bytes) encryption key.
message Uint8Array

A content to encrypt.
Returns:
Type:
Uint8Array

[MAGIC] + [VERSION] + [AES IV] + [Ciphertext].

(inner) genKey(passopt, saltopt, countopt) → {Uint8Array}

Password-based key-derivation. Uses pbkdf2 implemented in bitwiseshiftleft/sjcl.

Source:
See:
Parameters:
Name Type Attributes Default Description
pass Uint8Array <optional>
 Uint8Array.from([])

A password to derive key.
salt Uint8Array <optional>
 (new Uint8Array(32)).fill(0)
count Number <optional>
 2**12

Difficulty.
Returns:
Type:
Uint8Array

(inner) genUUID() → {Uint8Array}

Generate 128 bits UUID. Comprised of:

  • 48 bits of milliseconds since epoch
  • 32 bits of truncated sha256 sum of userAgent string
  • 48 random bits
Source:
Returns:
Type:
Uint8Array

(async, inner) passphraseDecrypt(passphrase, ciphertext, optsopt) → {Promise.<Uint8Array>|Promise.<Null>}

Double-cipher scrypt-based key-from-passphrase-deriving decrypter. A passphrase is normalized to Normalization Form Canonical Composition.

Source:
See:
Parameters:
Name Type Attributes Default Description
passphrase String

A password to derive key from.
ciphertext String

A base64-encoded content to decrypt.
opts KeyDerivationOptions <optional>
 {}

@see KeyDerivationOptions.
Returns:
Type:
Promise.<Uint8Array> | Promise.<Null>

byte representation of a decrypted content or null if decryption is not possible.

(async, inner) passphraseEncrypt(passphrase, message, optsopt) → {Promise.<String>}

Double-cipher scrypt-based key-from-passphrase-deriving encrypter. A passphrase is normalized to Normalization Form Canonical Composition.

Source:
See:
Parameters:
Name Type Attributes Default Description
passphrase String

A password to derive key from.
message Uint8Array

A content to encrypt.
opts Object <optional>
 {}

@see KeyDerivationOptions. salt can be passed here as an additional parameter.
Returns:
Type:
Promise.<String>

base64-encoded ciphertext

(inner) random(n) → {Uint8Array}

Retrieve 'n' random bytes from CSPRNG pool. Alias for tweetnacl.randomBytes().

Source:
See:
Parameters:
Name Type Description
n Number
Returns:
Type:
Uint8Array

(inner) salsaDecrypt(key, ciphertext) → {Uint8Array|null}

Symmetric xsalsa20-poly1305 decryption. Uses dchest/tweetnacl-js implementation.

Source:
See:
Parameters:
Name Type Description
key Uint8Array

Decryption key.
ciphertext Uint8Array

A content to decrypt.
Returns:
Type:
Uint8Array | null

Decrypted message or null.

(inner) salsaEncrypt(key, message) → {Uint8Array}

Symmetric xsalsa20-poly1305 encryption. Uses dchest/tweetnacl-js implementation.

Source:
See:
Parameters:
Name Type Description
key Uint8Array

Encryption key.
message Uint8Array

A content to encrypt.
Returns:
Type:
Uint8Array

Initialization Vector concatenated with Ciphertext.

(inner) salsaNonce() → {Uint8Array}

Generate nonce suitable to use with salsaEncrypt/salsaDecrypt functions.

Source:
Returns:
Type:
Uint8Array

(inner) salt32() → {Uint8Array}

Generate 32-byte value. Can be used as salt.

Source:
Returns:
Type:
Uint8Array

(inner) salt64() → {Uint8Array}

Generate 64-byte value. Can be used as salt.

Source:
Returns:
Type:
Uint8Array

(inner) sha256(input) → {Uint8Array}

Compute a sha256 hash from a given input. Uses bitwiseshiftleft/sjcl's sha256 implementation.

Source:
See:
Parameters:
Name Type Description
input Uint8Array
Returns:
Type:
Uint8Array

(inner) sha512(input) → {Uint8Array}

Compute a sha512 hash from a given input. Uses dchest/tweetnacl-js's sha512 implementation.

Source:
See:
Parameters:
Name Type Description
input Uint8Array
Returns:
Type:
Uint8Array

(inner) timestamp() → {Uint8Array}

Generate 48 bits (6 bytes) timestamp - milliseconds since epoch.

Source:
Returns:
Type:
Uint8Array

Type Definitions

KeyDerivationOptions

Key derivation options object type definition.

Properties:
Name Type Attributes Default Description
count Number <optional>
 2**12

Difficulty (CPU/memory cost)
blockSize Number <optional>
 8

The block size
parallelization Number <optional>
 1

Parallelization cost
derivedKeySize Number <optional>
 64

Derived key size in bytes
progressCallback function <optional>
 ()=>false
Source:
Type:
  • Object