npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

jsonwebcrypto

v1.4.1

Published

A utility library for working with crypto in Node.js

Downloads

20

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

andresferandresfer

Keywords

cryptoencryptionnodejstypescript

Readme

Json Web crypto Library 🔒🛡️

Esta es una imagen de ejemplo

This library serves as a simple and efficient wrapper around Node.js's crypto module, designed to facilitate hashing, encryption, and other cryptographic operations.

Key Features:

  • Comprehensive Security Functions: All security-related functions and utilities are consolidated within this library. This includes password hashing, encryption, decryption, and more, making it a one-stop solution for your cryptographic needs.

  • Ease of Use: Provides a user-friendly interface to perform complex cryptographic operations, reducing the complexity involved in using Node.js's crypto module directly.

  • Efficient Performance: Optimized for performance, ensuring that cryptographic operations are carried out swiftly and securely.

  • No Need for Multiple Libraries: By integrating a wide range of cryptographic functions into a single library, it eliminates the need to install and manage multiple libraries. This simplifies development and ensures better maintainability.

Installation

Install the library using npm:

npm install jsonwebcrypto

JWT Utilities 🔑

This project provides utility functions for signing and verifying JSON Web Tokens (JWT) using HMAC algorithms. The main functions are signJWT and verifyJWT.

  • signJWT 🛡️
import { signJWT } from 'jsonwebcrypto';

const payload: JWTPayload = { userId: 123 };

const secret = 'mysecretkey';

//Options object is optional⭐
const options: SignOptions = {
  expiresIn: '3d', // 3 days
  notBefore: '1h', // 1 hour
  algorithm: 'HS256' // HMAC SHA-256
};

const token = signJWT(payload, secret, options);
  • verifyJWT
import { verifyJWT } from 'jsonwebcrypto';

const tokenToVerify = 'your.jwt.token.here';
const secret = 'mysecretkey';

try {
    //if you assigned audience or other option here validate, otherwise just send secret and token
    const decoded = verifyJWT(tokenToVerify, secret, { audience: 'your-audience'});
  } catch (error) {
    if (error instanceof TokenExpiredError) {
      console.error('Token has expired:', error.expiredAt);
    } else if (error instanceof JsonWebTokenError) {
      console.error('JWT Error:', error.message);
    } else {
      console.error('Unknown error:', error);
    }
  }

More Secure Password Derivation 🔐

To derive passwords more securely.

The function derivePasswordHash() internally uses a key derivation algorithm specifically designed to be secure for password storage. It is resistant to brute-force attacks and hardware-specialized attacks (such as ASICs).

    import { derivePasswordHash, generateSalt } from "jsonwebcrypto";

    const password = "secret key";
    const salt = generateSalt(16);

    const passwordHashed = derivePasswordHash(password, salt);
    passwordHashed // 60270c8ab01a4b357ee72981d5700d06508d6ad4cd75080798b0c9ed363bf021

Using Hash Functionality:


import { hash } from 'jsonwebcrypto';

// Default algorithm (sha256)
const hashedData = hash('mySensitiveData');
// 6a3f1170639924207838c3715ff94989db6ec344759e311073852ea882993fbb

// Using a different algorithm (sha512)
const sha512HashedData = hash('mySensitiveData', 'sha512');
//7ce5e2c90d3960dfde32ee7f8427a0a0ed020dd6b9a4162e11a37d12ea95d596d6210757be7427ca3fb9142a804065067868ebeda67d989b5f5a55f4b00d7590

Using the UUID Generator Functionality


import { generateRandomUUID } from 'jsonwebcrypto';

const customerUUID = generateRandomUUID();

customerUUID: // '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'