Members
Methods
(inner) aesDecrypt(key, ciphertext) → {Uint8Array}
Symmetric aes256
decryption in counter mode (CTR).
Uses crypto-browserify
implementation.
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
Decryption key. |
ciphertext |
Uint8Array
|
A content to decrypt. |
Returns:
- Type:
-
Uint8Array
Decrypted message.
(inner) aesEncrypt(key, message) → {Uint8Array}
Symmetric aes256
encryption in counter mode (CTR).
Uses crypto-browserify
implementation.
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
Encryption key. |
message |
Uint8Array
|
A content to encrypt. |
Returns:
- Type:
-
Uint8Array
Initialization Vector concatenated with Ciphertext.
(inner) aesNonce() → {Uint8Array}
Generate nonce suitable to use with aesEncrypt/aesDecrypt functions.
Returns:
- Type:
-
Uint8Array
(inner) decodeUUID(uuid) → {Object}
Extract timestamp
, user agent id
and random
component
from given uuid
, which was generated using genUUID()
.
Parameters:
Name | Type | Description |
---|---|---|
uuid |
Uint8Array
|
Returns:
- Type:
-
Object
(inner) decrypt(key, ciphertext) → {Uint8Array|Null}
Double-cipher (aes
/salsa
) decryption with poly1305
MAC.
Uses dchest/tweetnacl-js
"secretbox" for xsalsa20-poly1305
and crypto-browserify
for aes-256-ctr
decryption.
Inspired by keybase.io/triplesec
.
Algorithm:
- [
encdec.MAGIC
+encdec.VERSION
] part ofciphertext
is checked [salsaNonce + salsaCiphertext]
is being decrypted withaes-256-ctr
using last 32 bytes ofkey
andaesNonce
from[aesNonce + aesCiphertext]
part ofciphertext
message
is being decrypted withxsalsa20
using first 32 bytes ofkey
andsalsaNonce
from[salsaNonce + salsaCiphertext]
- If salsa-decryption succeeded then
message
is returned, otherwisenull
.
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
512 bits (64 bytes) decryption key. |
ciphertext |
Uint8Array
|
A content to decrypt. |
Returns:
- Type:
-
Uint8Array
|Null
byte representation
of a decrypted content or null
if decryption is not possible.
(async, inner) deriveKey(passopt, saltopt, optsopt) → {Promise.<Uint8Array>}
Password-based key-derivation.
Uses scrypt
implemented in ricmoo/scrypt-js
.
- Source:
- See:
Parameters:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
pass |
Uint8Array
|
<optional> |
Uint8Array.from([]) |
A password to derive key. |
salt |
Uint8Array
|
<optional> |
(new Uint8Array(32)).fill(0) | |
opts |
KeyDerivationOptions
|
<optional> |
{} |
@see KeyDerivationOptions |
Returns:
- Type:
-
Promise.<Uint8Array>
(inner) encrypt(key, message) → {Uint8Array}
Double-cipher (salsa
/aes
) encryption with poly1305
MAC.
Uses dchest/tweetnacl-js
"secretbox" for xsalsa20-poly1305
and crypto-browserify
for aes-256-ctr
encryption.
Inspired by keybase.io/triplesec
.
Algorithm:
salsaNonce
is createdmessage
is being encrypted withxsalsa20
using first 32 bytes ofkey
andsalsaNonce
producing[salsaNonce + salsaCiphertext]
aesNonce
is created[salsaNonce + salsaCiphertext]
is being encrypted withaes-256-ctr
using last 32 bytes ofkey
andaesNonce
producing[aesNonce + aesCiphertext]
- [
encdec.MAGIC
+encdec.VERSION
+aesNonce
+aesCiphertext
] is returned as anUint8Array
result
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
512 bits (64 bytes) encryption key. |
message |
Uint8Array
|
A content to encrypt. |
Returns:
- Type:
-
Uint8Array
[MAGIC] + [VERSION] + [AES IV] + [Ciphertext].
(inner) genKey(passopt, saltopt, countopt) → {Uint8Array}
Password-based key-derivation.
Uses pbkdf2
implemented in bitwiseshiftleft/sjcl
.
- Source:
- See:
Parameters:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
pass |
Uint8Array
|
<optional> |
Uint8Array.from([]) |
A password to derive key. |
salt |
Uint8Array
|
<optional> |
(new Uint8Array(32)).fill(0) | |
count |
Number
|
<optional> |
2**12 |
Difficulty. |
Returns:
- Type:
-
Uint8Array
(inner) genUUID() → {Uint8Array}
Generate 128 bits UUID. Comprised of:
- 48 bits of milliseconds since epoch
- 32 bits of truncated
sha256
sum of userAgent string - 48 random bits
Returns:
- Type:
-
Uint8Array
(async, inner) passphraseDecrypt(passphrase, ciphertext, optsopt) → {Promise.<Uint8Array>|Promise.<Null>}
Double-cipher scrypt-based key-from-passphrase-deriving decrypter.
A passphrase
is normalized to Normalization Form Canonical Composition.
- Source:
- See:
Parameters:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
passphrase |
String
|
A password to derive key from. |
||
ciphertext |
String
|
A base64-encoded content to decrypt. |
||
opts |
KeyDerivationOptions
|
<optional> |
{} |
@see KeyDerivationOptions. |
Returns:
- Type:
-
Promise.<Uint8Array>
|Promise.<Null>
byte representation
of a decrypted content or null
if decryption is not possible.
(async, inner) passphraseEncrypt(passphrase, message, optsopt) → {Promise.<String>}
Double-cipher scrypt-based key-from-passphrase-deriving encrypter.
A passphrase
is normalized to Normalization Form Canonical Composition.
- Source:
- See:
Parameters:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
passphrase |
String
|
A password to derive key from. |
||
message |
Uint8Array
|
A content to encrypt. |
||
opts |
Object
|
<optional> |
{} |
@see KeyDerivationOptions.
|
Returns:
- Type:
-
Promise.<String>
base64-encoded ciphertext
(inner) random(n) → {Uint8Array}
Retrieve 'n' random bytes from CSPRNG pool.
Alias for tweetnacl.randomBytes()
.
- Source:
- See:
Parameters:
Name | Type | Description |
---|---|---|
n |
Number
|
Returns:
- Type:
-
Uint8Array
(inner) salsaDecrypt(key, ciphertext) → {Uint8Array|null}
Symmetric xsalsa20-poly1305
decryption.
Uses dchest/tweetnacl-js
implementation.
- Source:
- See:
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
Decryption key. |
ciphertext |
Uint8Array
|
A content to decrypt. |
Returns:
- Type:
-
Uint8Array
|null
Decrypted message or null.
(inner) salsaEncrypt(key, message) → {Uint8Array}
Symmetric xsalsa20-poly1305
encryption.
Uses dchest/tweetnacl-js
implementation.
- Source:
- See:
Parameters:
Name | Type | Description |
---|---|---|
key |
Uint8Array
|
Encryption key. |
message |
Uint8Array
|
A content to encrypt. |
Returns:
- Type:
-
Uint8Array
Initialization Vector concatenated with Ciphertext.
(inner) salsaNonce() → {Uint8Array}
Generate nonce suitable to use with salsaEncrypt/salsaDecrypt functions.
Returns:
- Type:
-
Uint8Array
(inner) salt32() → {Uint8Array}
Generate 32-byte value. Can be used as salt.
Returns:
- Type:
-
Uint8Array
(inner) salt64() → {Uint8Array}
Generate 64-byte value. Can be used as salt.
Returns:
- Type:
-
Uint8Array
(inner) sha256(input) → {Uint8Array}
Compute a sha256
hash from a given input.
Uses bitwiseshiftleft/sjcl
's sha256
implementation.
- Source:
- See:
Parameters:
Name | Type | Description |
---|---|---|
input |
Uint8Array
|
Returns:
- Type:
-
Uint8Array
(inner) sha512(input) → {Uint8Array}
Compute a sha512
hash from a given input.
Uses dchest/tweetnacl-js
's sha512
implementation.
- Source:
- See:
Parameters:
Name | Type | Description |
---|---|---|
input |
Uint8Array
|
Returns:
- Type:
-
Uint8Array
(inner) timestamp() → {Uint8Array}
Generate 48 bits (6 bytes) timestamp - milliseconds since epoch.
Returns:
- Type:
-
Uint8Array
Type Definitions
KeyDerivationOptions
Key derivation options object type definition.
Properties:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
count |
Number
|
<optional> |
2**12 | Difficulty (CPU/memory cost) |
blockSize |
Number
|
<optional> |
8 | The block size |
parallelization |
Number
|
<optional> |
1 | Parallelization cost |
derivedKeySize |
Number
|
<optional> |
64 | Derived key size in bytes |
progressCallback |
function
|
<optional> |
()=>false |
Type:
-
Object