npm package discovery and stats viewer.


nestjs-cryptography

v3.1.0

Published

Secure NestJS cryptography module 🔐

Downloads

213

Readme


NestJS - Cryptography

Quick Start

Overview & Tutorial

Introduction

This library was created to address a common problem encountered when performing cryptographic operations in our projects. It simplifies and streamlines the process, making it easier to implement secure and efficient cryptographic solutions. Additionally, it helps avoid common mistakes, such as the reuse of initialization vectors, the reuse of encryption keys, or simply the use of keys that are not cryptographically secure.

Our library employs modern cryptographic standards to provide robust security and protect your data against advanced threats. We utilize a suite of trusted algorithms and practices recognized in the cryptographic community:

  • Argon2: A cutting-edge key derivation function designed to resist GPU and ASIC attacks, making it highly effective against brute-force attempts. It offers configurable memory and time costs to balance performance and security.
  • SHA3: The latest member of the Secure Hash Algorithm family, SHA3 provides enhanced security over its predecessors (SHA-1 and SHA-2) and is resilient against known cryptographic attacks.
  • AES-256-GCM: Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode ensures both data confidentiality and integrity. AES-256-GCM is widely used and trusted for its high level of security and performance.
  • SHAKE256: A versatile extendable-output function (XOF) from the SHA-3 family, SHAKE256 allows for variable-length output, making it suitable for a variety of cryptographic applications like key generation and hashing.
  • HKDF-SHA3-256: An HMAC-based Key Derivation Function using SHA3-256 as the underlying hash function. HKDF-SHA3-256 ensures secure and reliable derivation of cryptographic keys from a master secret.
  • HMAC-SHA3-256: A mechanism for message authentication using SHA3-256. HMAC-SHA3-256 provides data integrity and authenticity by allowing verification that a message has not been altered.
  • Constant-Time Secret Comparisons: To protect against timing attacks, our library implements constant-time algorithms for comparing secrets. This means the time taken to perform the comparison does not depend on the data being compared, preventing attackers from inferring information based on execution time.
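
As an added illustration (not code from nestjs-cryptography, and not its API or storage format), the sketch below uses Node's built-in node:crypto to show how several of the primitives listed above combine to avoid IV and key reuse: a per-message key from HKDF-SHA3-256, a fresh IV for AES-256-GCM, and a constant-time HMAC-SHA3-256 check. The function names, the HKDF info string and the envelope layout are assumptions made for this example.

```typescript
import {
  createCipheriv, createDecipheriv, createHmac,
  hkdfSync, randomBytes, timingSafeEqual,
} from 'node:crypto';

// Assumed envelope layout (this sketch only): salt(16) | iv(12) | tag(16) | ciphertext
const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

// Derive a one-off AES-256 key from the master key with HKDF-SHA3-256.
function deriveKey(masterKey: Buffer, salt: Buffer): Buffer {
  return Buffer.from(hkdfSync('sha3-256', masterKey, salt, 'example-aes-256-gcm', 32));
}

function sealMessage(masterKey: Buffer, plaintext: Buffer): Buffer {
  const salt = randomBytes(SALT_LEN); // fresh salt, so a fresh key per message
  const iv = randomBytes(IV_LEN);     // fresh IV, never reused under one key
  const cipher = createCipheriv('aes-256-gcm', deriveKey(masterKey, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

function openMessage(masterKey: Buffer, envelope: Buffer): Buffer {
  const header = SALT_LEN + IV_LEN + TAG_LEN;
  if (envelope.length < header) throw new Error('envelope too short');
  const salt = envelope.subarray(0, SALT_LEN);
  const iv = envelope.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = envelope.subarray(SALT_LEN + IV_LEN, header);
  const decipher = createDecipheriv('aes-256-gcm', deriveKey(masterKey, salt), iv);
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext, IV or tag was altered.
  return Buffer.concat([decipher.update(envelope.subarray(header)), decipher.final()]);
}

function macSha3(key: Buffer, message: Buffer): Buffer {
  return createHmac('sha3-256', key).update(message).digest();
}

function verifyMac(key: Buffer, message: Buffer, tag: Buffer): boolean {
  const expected = macSha3(key, message);
  // timingSafeEqual throws on unequal lengths, so reject those first.
  return tag.length === expected.length && timingSafeEqual(expected, tag);
}
```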

Installation

This package is available on the npm registry.

yarn add nestjs-cryptography

or

npm install nestjs-cryptography

Usage on Services

To access cryptography methods from our CryptographyService, you can inject it using standard constructor injection:

import { Injectable } from '@nestjs/common';
import { CryptographyService } from 'nestjs-cryptography';

@Injectable()
export class SomeService {
  constructor(
    // Inject using constructor injection
    private readonly cryptographyService: CryptographyService
  ) {}

  async someMethod(): Promise<string> {
    // Access service methods
    return this.cryptographyService.genUUID();
  }
}

Configuration

Once the installation is complete, the CryptographyModule can be configured as any other Nest package with forRoot or forRootAsync methods.

You can see the complete list of available settings here

import { Module } from '@nestjs/common';
import {
  CryptographyModule,
  CryptographyOptionsInterface,
} from 'nestjs-cryptography';

@Module({
  imports: [
    CryptographyModule.forRoot<CryptographyOptionsInterface>({
      // The rest of the configuration
      encryption: {
        symmetric: {
          masterKey: '5f7f...46bf'
        }
      }
    }),
  ],
})
export class AppModule {}

[!TIP] Like other factory providers, our factory function can be async and can inject dependencies through inject. For example, you may want to get the configuration using the ConfigurationModule; to do this, use the forRootAsync method ⬇️⬇️⬇️.

import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import {
  CryptographyModule,
  CryptographyOptionsInterface,
} from 'nestjs-cryptography';

@Module({
  imports: [
    CryptographyModule.forRootAsync<CryptographyOptionsInterface>({
      imports: [ConfigModule],
      useFactory: async (configService: ConfigService) => ({
        // The rest of the configuration
        encryption: {
          symmetric: {
            masterKey: configService.get<string>('CRYPTOGRAPHY.MASTER_KEY')
          }
        }
      }),
      inject: [ConfigService],
    }),
  ],
})
export class AppModule {}

The forRoot() and forRootAsync() methods take an options object as an argument. These options are passed through to the underlying cryptographic operations of the module instance.

[!NOTE] Please take a look at the documentation site to see the available methods and the complete configuration