npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

secure-crypto-random

v1.2.0

Published

lib for generation secure random int or string

Downloads

6

Readme

SecureCryptoRandom Library

SecureCryptoRandom is a JavaScript library designed for generating secure random passwords. It is based on the cryptographic functions of the browser and provides a set of methods for creating passwords of varying lengths using different character sets.

Key Features

  • Secure Randomness: The library utilizes the window.crypto API, if available, to generate random values using cryptographic primitives. This ensures a higher level of security and randomness compared to traditional pseudo-random number generators.

  • Customizable Password Generation: The library allows you to create passwords with various configurations:

    • Password Length: You can specify the desired length of the password.
    • Character Sets: Choose from uppercase letters, lowercase letters, numbers, and symbols to include in the generated password.
    • User String: Optionally, you can provide a user-defined string to be included in the password generation process.
  • Strong Entropy: By combining multiple character sets and using shuffling techniques, the library enhances the entropy of the generated passwords, making them more resistant to brute-force attacks.

  • User String Integration: The library offers the ability to incorporate a user-provided string into the password generation process. This allows users to include their own memorable words or phrases, making the passwords more personalized.

  • Error Handling: The library includes error handling to ensure proper usage. It validates input parameters and throws informative error messages in case of invalid configurations.

Usage Example

import secureCryptoRandom from 'secure-crypto-random';

// Generate a password with default settings
const password = secureCryptoRandom.createPassword({ passLength: 12 });

console.log(password);
// Output: "J0Xm2i5$e6#9"

// Generate a password with custom settings
const customPassword = secureCryptoRandom.createPassword({
  passLength: 16,
  uppercase: true,
  lowercase: true,
  numbers: true,
  symbols: true,
  userString: 'MySecret'
});

console.log(customPassword);
// Output: "s4T8$7lG3@f9h6MySecret"

The SecureCryptoRandom library provides a secure and flexible solution for generating strong passwords in JavaScript applications. With its customizable options and secure randomness, it helps to enhance the overall security of user accounts and sensitive information.

Please note that while this library offers additional security features, it is important to follow other best practices for password management, such as regularly updating passwords and storing them securely.

Installation

You can install the SecureCryptoRandom library using npm:

npm install secure-crypto-random

Usage

To use the SecureCryptoRandom library, import the class instance and start use it:

import secureCryptoRandom from 'secure-crypto-random';

	const generatePasswordParams = {
		passLength: 25,
		uppercase: true,
		lowercase: true,
		numbers: true,
		symbols: true,
		userString: Anton Oshurek,
	};

	console.log(secureCryptoRandom.createPassword(generatePasswordParams));
	//result = zAshurekLqij0Anton;LHwu

Methods

cryptoRandom()

Generates a random number between 0 and 1 using the cryptographic functions of the browser. Returns a number.

const randomNumber = secureCryptoRandom.cryptoRandom();
console.log(randomNumber); // Example output: 0.723456789

getRandomInt()

Generates a random integer between 0 and 9 using the cryptoRandom() method. Returns an integer.

const randomInt = secureCryptoRandom.getRandomInt();
console.log(randomInt); // Example output: 5

getRandomIndex(range: number)

Generates a random index between 0 and range (exclusive). Throws an error if range is negative or zero. Returns an integer.

const randomIndex = secureCryptoRandom.getRandomIndex(10);
console.log(randomIndex); // Example output: 3

getRandomChar(charCase: 'upper' | 'lower')

Generates a random character either in uppercase or lowercase. Throws an error if charCase is not 'upper' or 'lower'. Returns a string.


const randomChar = secureCryptoRandom.getRandomChar('upper');
console.log(randomChar); // Example output: 'C'

createPassword(options: { passLength: number, uppercase: boolean, lowercase: boolean, numbers: boolean, symbols: boolean, userString?: string })

Creates a random password based on the provided options. The passLength parameter specifies the length of the password. The uppercase, lowercase, numbers, and symbols parameters indicate whether to include characters from the respective character sets in the password. The userString parameter allows you to specify an additional string to be included in the password.


const password = secureCryptoRandom.createPassword({
	passLength: 12,
	uppercase: false,
	lowercase: false,
	numbers: true,
	symbols: true,
	userString: 'John Doe'
});
console.log(password); // Example output: '{Doe!.John)'


const secondPassword = secureCryptoRandom.createPassword({
	passLength: 20,
	uppercase: true,
	lowercase: true,
	numbers: true,
	symbols: true,
});
console.log(secondPassword); // Example output: '6M>;x2JWn*QW.;(z[mu['


//default properties without params object :
// passLength: 20,
// uppercase: true,
// lowercase: true,
// numbers: true,
// symbols: true,

console.log(secureCryptoRandom.createPassword());
//result = )v*^e-HEdQ342Fsx_.Nh

If the passLength property is missing or undefined, an error is thrown to indicate that the passLength value cannot be missing.

The function checks the selected options and constructs a string of available characters based on the selected character sets: uppercase letters, lowercase letters, numbers, and symbols.

If there are no available characters to create a password (either because no options are selected or no character sets are available), an error is thrown with a message indicating that the parameters are not selected or there are no characters available to create a password. An example usage is also provided in the error message.

The function calculates the full password length by subtracting the length of the userString (if provided) from the passLength. If the resulting full password length is negative or zero, an error is thrown with a message indicating that the pass length cannot be negative or zero. The error message also includes the original passLength, the optional userString, and the resulting range of symbols after subtracting the userString length.

The function generates an array of random symbols for the password by iterating fullPassLength times. Each iteration shuffles the available characters and selects a random symbol to push into the passSymbolsArray.

If a userString is provided and its length is greater than zero, the function extracts words from the userString and creates an array of user words. It generates random indexes within the range of the full password length to determine where to insert each user word into the passSymbolsArray.

Finally, the passSymbolsArray is joined into a string to form the password, which is then returned.

In summary, the function allows the user to pass an options object with various parameters, but the passLength property is mandatory. If a property is missing in the options object, it will not be applied, but the passLength property must always be present.

Notes

  • The cryptoRandom() method relies on the window.crypto.getRandomValues function provided by the browser. If the browser does not support this function, it falls back to using Math.random(), which is less secure.

  • The createPassword() method calculates the available characters based on the provided options. It then generates random characters and inserts them into an array. If a userString is provided, it splits it into words, generates random indexes, and inserts the words at the specified positions in the password array.

  • The shuffleString() function and createWordsArrayFromString() function are utility functions used internally by the library.

That's it! You are now ready to use the SecureCryptoRandom library to generate secure random passwords in your JavaScript applications.

Keywords

  • #JavaScript
  • #library
  • #password
  • #generation
  • #security
  • #random
  • #cryptographic
  • #customization
  • #npm
  • #web development