{"version":3,"sources":["../../src/enc.mts"],"sourcesContent":["import * as ed from '@noble/ed25519';\nimport { md5 as nobleMd5, sha1 as nobleSha1 } from '@noble/hashes/legacy.js';\nimport { sha256 as nobleSha256, sha512 as nobleSha512 } from '@noble/hashes/sha2.js';\nimport { sha3_256 as nobleSha3_256, sha3_512 as nobleSha3_512 } from '@noble/hashes/sha3.js';\nimport crypto from 'crypto';\nimport type { DecodeOptions, JwtPayload, Secret, SignOptions, VerifyOptions } from 'jsonwebtoken';\nimport jwtLib from 'jsonwebtoken';\nimport {\n compareBcrypt,\n encryptPassword as cryptoEncryptPassword,\n isBcryptHash as cryptoIsBcryptHash,\n} from './crypto.mjs';\n\n// Setup ed25519 hashing function\ned.hashes.sha512 = nobleSha512;\ned.hashes.sha512Async = (m: Uint8Array) => Promise.resolve(nobleSha512(m));\n\n/**\n * Hash utilities for common cryptographic hashing algorithms\n */\nexport namespace hash {\n /**\n * Generates an MD5 hash of the input string\n *\n * @param data - The string to hash\n * @returns The MD5 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.md5('hello world')\n * // Returns: '5eb63bbbe01eeed093cb22bb8f5acdc3'\n * ```\n */\n export function md5(data: string): string {\n const hash = nobleMd5(Buffer.from(data, 'utf8'));\n return Buffer.from(hash).toString('hex');\n }\n\n /**\n * Generates a SHA-1 hash of the input string\n *\n * @param data - The string to hash\n * @returns The SHA-1 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.sha1('hello world')\n * // Returns: '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed'\n * ```\n */\n export function sha1(data: string): string {\n const hash = nobleSha1(Buffer.from(data, 'utf8'));\n return Buffer.from(hash).toString('hex');\n }\n\n /**\n * Generates a SHA-256 hash of the input string\n *\n * @param data - The string to hash\n * @returns The SHA-256 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.sha256('hello world')\n * // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'\n * ```\n */\n export function sha256(data: string): string {\n const hash = nobleSha256(Buffer.from(data, 'utf8'));\n return Buffer.from(hash).toString('hex');\n }\n\n /**\n * Generates a SHA-512 hash of the input string\n *\n * @param data - The string to hash\n * @returns The SHA-512 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.sha512('hello world')\n * // Returns: '309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f'\n * ```\n */\n export function sha512(data: string): string {\n const hash = nobleSha512(Buffer.from(data, 'utf8'));\n return Buffer.from(hash).toString('hex');\n }\n\n /**\n * Generates a SHA3-256 hash of the input string\n *\n * @param data - The string to hash\n * @returns The SHA3-256 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.sha3_256('hello world')\n * // Returns: '644bcc7e564373040999aac89e7622f3ca71fba1d972fd94a31c3bfbf24e3938'\n * ```\n */\n export function sha3_256(data: string): string {\n const hashResult = nobleSha3_256(Buffer.from(data, 'utf8'));\n return Buffer.from(hashResult).toString('hex');\n }\n\n /**\n * Generates a SHA3-512 hash of the input string\n *\n * @param data - The string to hash\n * @returns The SHA3-512 hash as a hexadecimal string\n *\n * @example\n * ```typescript\n * hash.sha3_512('hello world')\n * // Returns: '840006653e9ac9e95117a15c915caab81662918e925de9e004f774ff82d7079a40d4d27b1b372657c61d46d470304c88c788b3a4527ad074d1dccbee5dbaa99a'\n * ```\n */\n export function sha3_512(data: string): string {\n const hashResult = nobleSha3_512(Buffer.from(data, 'utf8'));\n return Buffer.from(hashResult).toString('hex');\n }\n}\n\n/**\n * Password hashing and comparison utilities using bcrypt\n */\nexport namespace password {\n /**\n * Checks if a string is a valid bcrypt hash\n *\n * @param str - The string to check\n * @returns True if the string is a valid bcrypt hash, false otherwise\n *\n * @example\n * ```typescript\n * password.isBcryptHash('$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy')\n * // Returns: true\n *\n * password.isBcryptHash('not a hash')\n * // Returns: false\n * ```\n */\n export function isBcryptHash(str: string): boolean {\n return cryptoIsBcryptHash(str);\n }\n\n /**\n * Encrypts a password using bcrypt\n *\n * @param password - The plain text password to encrypt\n * @param rounds - The number of rounds to use for salt generation (default: 10)\n * @returns A promise that resolves to the encrypted password hash\n *\n * @example\n * ```typescript\n * await password.encryptPassword('mySecurePassword')\n * // Returns: '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy'\n * ```\n */\n export async function encryptPassword(password: string, rounds: number = 10): Promise {\n // For custom rounds, we need to generate salt and hash manually\n if (rounds !== 10) {\n const bcrypt = (await import('bcryptjs')).default;\n const salt = await bcrypt.genSalt(rounds);\n return await bcrypt.hash(password, salt);\n }\n // Use existing crypto function for default rounds\n return cryptoEncryptPassword(password);\n }\n\n /**\n * Compares a plain text password with a bcrypt hash\n *\n * @param password - The plain text password to compare\n * @param hash - The bcrypt hash to compare against\n * @returns A promise that resolves to true if the password matches the hash, false otherwise\n *\n * @example\n * ```typescript\n * await password.comparePassword('myPassword', '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy')\n * // Returns: true or false\n * ```\n */\n export async function comparePassword(password: string, hash: string): Promise {\n return compareBcrypt(password, hash);\n }\n}\n\n/**\n * Cryptographic key generation utilities\n */\nexport namespace keys {\n /**\n * Generates an RSA key pair\n *\n * @param modulusLength - The modulus length in bits (default: 2048)\n * @returns An object containing the public and private keys in PEM format\n *\n * @example\n * ```typescript\n * const { publicKey, privateKey } = keys.rsa()\n * // Returns: { publicKey: '-----BEGIN PUBLIC KEY-----...', privateKey: '-----BEGIN PRIVATE KEY-----...' }\n * ```\n */\n export function rsa(modulusLength: number = 2048): { publicKey: string; privateKey: string } {\n const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {\n modulusLength,\n publicKeyEncoding: {\n type: 'spki',\n format: 'pem',\n },\n privateKeyEncoding: {\n type: 'pkcs8',\n format: 'pem',\n },\n });\n return { publicKey, privateKey };\n }\n\n /**\n * Generates an Ed25519 key pair\n *\n * @returns A promise that resolves to an object containing the public and private keys as hex strings\n *\n * @example\n * ```typescript\n * const { publicKey, privateKey } = await keys.ed25519()\n * // Returns: { publicKey: '1a2b3c...', privateKey: '9f8e7d...' }\n * ```\n */\n export async function ed25519(): Promise<{ publicKey: string; privateKey: string }> {\n const keyPair = await ed.keygenAsync();\n return {\n publicKey: Buffer.from(keyPair.publicKey).toString('hex'),\n privateKey: Buffer.from(keyPair.secretKey).toString('hex'),\n };\n }\n}\n\n/**\n * JSON Web Token (JWT) utilities\n */\nexport namespace jwt {\n /**\n * Signs a JWT with the provided payload and secret\n *\n * @param payload - The payload to encode in the JWT\n * @param secret - The secret key to sign the JWT with\n * @param options - Optional JWT sign options (algorithm, expiresIn, etc.)\n * @returns The signed JWT token\n *\n * @example\n * ```typescript\n * const token = Enc.jwt.sign({ userId: 123 }, 'mySecret', { expiresIn: '1h' })\n * // Returns: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'\n * ```\n */\n export function sign(\n payload: string | object | Buffer,\n secret: Secret,\n options?: SignOptions\n ): string {\n return jwtLib.sign(payload, secret, options);\n }\n\n /**\n * Verifies a JWT token\n *\n * @param token - The JWT token to verify\n * @param secret - The secret key to verify the JWT with\n * @param options - Optional JWT verify options\n * @returns The decoded payload if verification succeeds\n * @throws Will throw an error if verification fails\n *\n * @example\n * ```typescript\n * try {\n * const payload = Enc.jwt.verify(token, 'mySecret')\n * console.log(payload) // { userId: 123, iat: 1234567890, exp: 1234571490 }\n * } catch (err) {\n * console.error('Invalid token')\n * }\n * ```\n */\n export function verify(\n token: string,\n secret: Secret,\n options?: VerifyOptions\n ): string | JwtPayload {\n return jwtLib.verify(token, secret, options);\n }\n\n /**\n * Decodes a JWT token without verifying its signature\n *\n * @param token - The JWT token to decode\n * @param options - Optional decode options\n * @returns The decoded payload or null if the token is invalid\n *\n * @example\n * ```typescript\n * const payload = Enc.jwt.decode(token)\n * // Returns: { userId: 123, iat: 1234567890, exp: 1234571490 }\n * ```\n */\n export function decode(token: string, options?: DecodeOptions): null | string | JwtPayload {\n return jwtLib.decode(token, options);\n }\n}\n\n/**\n * Digital signature utilities\n */\nexport namespace sign {\n /**\n * Signs data using Ed25519 private key\n *\n * @param privateKey - The Ed25519 private key as a hex string\n * @param data - The data to sign\n * @returns A promise that resolves to the signature as a hex string\n *\n * @example\n * ```typescript\n * const { privateKey } = await keys.ed25519()\n * const signature = await sign.ed25519(privateKey, 'message to sign')\n * // Returns: 'a1b2c3d4...'\n * ```\n */\n export async function ed25519(privateKey: string, data: string): Promise {\n const privateKeyBytes = Buffer.from(privateKey, 'hex');\n const messageBytes = Buffer.from(data, 'utf8');\n const signature = await ed.sign(messageBytes, privateKeyBytes);\n return Buffer.from(signature).toString('hex');\n }\n\n /**\n * Verifies an Ed25519 signature\n *\n * @param publicKey - The Ed25519 public key as a hex string\n * @param signature - The signature to verify as a hex string\n * @param data - The original data that was signed\n * @returns A promise that resolves to true if the signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * const isValid = await sign.verifyEd25519(publicKey, signature, 'message to sign')\n * // Returns: true or false\n * ```\n */\n export async function verifyEd25519(\n publicKey: string,\n signature: string,\n data: string\n ): Promise {\n const publicKeyBytes = Buffer.from(publicKey, 'hex');\n const signatureBytes = Buffer.from(signature, 'hex');\n const messageBytes = Buffer.from(data, 'utf8');\n return await ed.verify(signatureBytes, messageBytes, publicKeyBytes);\n }\n}\n"],"mappings":";;AAAA,YAAY,QAAQ;AACpB,SAAS,OAAO,UAAU,QAAQ,iBAAiB;AACnD,SAAS,UAAU,aAAa,UAAU,mBAAmB;AAC7D,SAAS,YAAY,eAAe,YAAY,qBAAqB;AACrE,OAAO,YAAY;AAEnB,OAAO,YAAY;AACnB;AAAA,EACE;AAAA,EACA,mBAAmB;AAAA,EACnB,gBAAgB;AAAA,OACX;AAGP,GAAG,OAAO,SAAS;AACnB,GAAG,OAAO,cAAc,CAAC,MAAkB,QAAQ,QAAQ,YAAY,CAAC,CAAC;AAKlE,IAAU;AAAA,CAAV,CAAUA,UAAV;AAaE,WAAS,IAAI,MAAsB;AACxC,UAAMA,QAAO,SAAS,OAAO,KAAK,MAAM,MAAM,CAAC;AAC/C,WAAO,OAAO,KAAKA,KAAI,EAAE,SAAS,KAAK;AAAA,EACzC;AAHO,EAAAA,MAAS;AAAA;AAiBT,WAAS,KAAK,MAAsB;AACzC,UAAMA,QAAO,UAAU,OAAO,KAAK,MAAM,MAAM,CAAC;AAChD,WAAO,OAAO,KAAKA,KAAI,EAAE,SAAS,KAAK;AAAA,EACzC;AAHO,EAAAA,MAAS;AAAA;AAiBT,WAAS,OAAO,MAAsB;AAC3C,UAAMA,QAAO,YAAY,OAAO,KAAK,MAAM,MAAM,CAAC;AAClD,WAAO,OAAO,KAAKA,KAAI,EAAE,SAAS,KAAK;AAAA,EACzC;AAHO,EAAAA,MAAS;AAAA;AAiBT,WAAS,OAAO,MAAsB;AAC3C,UAAMA,QAAO,YAAY,OAAO,KAAK,MAAM,MAAM,CAAC;AAClD,WAAO,OAAO,KAAKA,KAAI,EAAE,SAAS,KAAK;AAAA,EACzC;AAHO,EAAAA,MAAS;AAAA;AAiBT,WAAS,SAAS,MAAsB;AAC7C,UAAM,aAAa,cAAc,OAAO,KAAK,MAAM,MAAM,CAAC;AAC1D,WAAO,OAAO,KAAK,UAAU,EAAE,SAAS,KAAK;AAAA,EAC/C;AAHO,EAAAA,MAAS;AAAA;AAiBT,WAAS,SAAS,MAAsB;AAC7C,UAAM,aAAa,cAAc,OAAO,KAAK,MAAM,MAAM,CAAC;AAC1D,WAAO,OAAO,KAAK,UAAU,EAAE,SAAS,KAAK;AAAA,EAC/C;AAHO,EAAAA,MAAS;AAAA;AAAA,GAlGD;AA2GV,IAAU;AAAA,CAAV,CAAUC,cAAV;AAgBE,WAAS,aAAa,KAAsB;AACjD,WAAO,mBAAmB,GAAG;AAAA,EAC/B;AAFO,EAAAA,UAAS;AAAA;AAiBhB,iBAAsB,gBAAgBA,WAAkB,SAAiB,IAAqB;AAE5F,QAAI,WAAW,IAAI;AACjB,YAAM,UAAU,MAAM,OAAO,UAAU,GAAG;AAC1C,YAAM,OAAO,MAAM,OAAO,QAAQ,MAAM;AACxC,aAAO,MAAM,OAAO,KAAKA,WAAU,IAAI;AAAA,IACzC;AAEA,WAAO,sBAAsBA,SAAQ;AAAA,EACvC;AATA,EAAAA,UAAsB;AAAA;AAwBtB,iBAAsB,gBAAgBA,WAAkBD,OAAgC;AACtF,WAAO,cAAcC,WAAUD,KAAI;AAAA,EACrC;AAFA,EAAAC,UAAsB;AAAA;AAAA,GAzDP;AAiEV,IAAU;AAAA,CAAV,CAAUC,UAAV;AAaE,WAAS,IAAI,gBAAwB,MAAiD;AAC3F,UAAM,EAAE,WAAW,WAAW,IAAI,OAAO,oBAAoB,OAAO;AAAA,MAClE;AAAA,MACA,mBAAmB;AAAA,QACjB,MAAM;AAAA,QACN,QAAQ;AAAA,MACV;AAAA,MACA,oBAAoB;AAAA,QAClB,MAAM;AAAA,QACN,QAAQ;AAAA,MACV;AAAA,IACF,CAAC;AACD,WAAO,EAAE,WAAW,WAAW;AAAA,EACjC;AAbO,EAAAA,MAAS;AAAA;AA0BhB,iBAAsB,UAA8D;AAClF,UAAM,UAAU,MAAM,GAAG,YAAY;AACrC,WAAO;AAAA,MACL,WAAW,OAAO,KAAK,QAAQ,SAAS,EAAE,SAAS,KAAK;AAAA,MACxD,YAAY,OAAO,KAAK,QAAQ,SAAS,EAAE,SAAS,KAAK;AAAA,IAC3D;AAAA,EACF;AANA,EAAAA,MAAsB;AAAA;AAAA,GAvCP;AAmDV,IAAU;AAAA,CAAV,CAAUC,SAAV;AAeE,WAASC,MACd,SACA,QACA,SACQ;AACR,WAAO,OAAO,KAAK,SAAS,QAAQ,OAAO;AAAA,EAC7C;AANO,EAAAD,KAAS,OAAAC;AAAA,SAAAA,OAAA;AA2BT,WAAS,OACd,OACA,QACA,SACqB;AACrB,WAAO,OAAO,OAAO,OAAO,QAAQ,OAAO;AAAA,EAC7C;AANO,EAAAD,KAAS;AAAA;AAqBT,WAAS,OAAO,OAAe,SAAqD;AACzF,WAAO,OAAO,OAAO,OAAO,OAAO;AAAA,EACrC;AAFO,EAAAA,KAAS;AAAA;AAAA,GA/DD;AAuEV,IAAU;AAAA,CAAV,CAAUC,UAAV;AAeL,iBAAsB,QAAQ,YAAoB,MAA+B;AAC/E,UAAM,kBAAkB,OAAO,KAAK,YAAY,KAAK;AACrD,UAAM,eAAe,OAAO,KAAK,MAAM,MAAM;AAC7C,UAAM,YAAY,MAAM,GAAG,KAAK,cAAc,eAAe;AAC7D,WAAO,OAAO,KAAK,SAAS,EAAE,SAAS,KAAK;AAAA,EAC9C;AALA,EAAAA,MAAsB;AAAA;AAqBtB,iBAAsB,cACpB,WACA,WACA,MACkB;AAClB,UAAM,iBAAiB,OAAO,KAAK,WAAW,KAAK;AACnD,UAAM,iBAAiB,OAAO,KAAK,WAAW,KAAK;AACnD,UAAM,eAAe,OAAO,KAAK,MAAM,MAAM;AAC7C,WAAO,MAAM,GAAG,OAAO,gBAAgB,cAAc,cAAc;AAAA,EACrE;AATA,EAAAA,MAAsB;AAAA;AAAA,GApCP;","names":["hash","password","keys","jwt","sign"]}