⚠️ SECURITY NOTICE⚠️ This library has not undergone extensive production testing or security auditing. Use in production environments is not recommended at this time. For research and development purposes only.
DeepMojo Crypto-Core is a robust TypeScript cryptography library designed for Node.js and Electron environments. It provides a streamlined interface to cryptographic operations with secure defaults, built on top of the battle-tested node:crypto module.
📚 View our Official API Docs 📚
- 🔒 Comprehensive toolkit of major cryptographic operations
- 🔢 RNG & Key Derivation - Secure random number generation and key derivation functions with industry-standard algorithms.
- 🧠 World-Class Encryption/Decryption - AES-GCM-256 encryption with authenticated encryption support.
- ✳ Password-Only Encryption/Decryption - Simplified APIs for password-only encryption scenarios.
- 🧮 Cryptographic Utilities - Including hashing and digital signatures capabilities.
- 🗝️ Key Management - Public/private key pair generation and management utilities.
- 🚀 Both synchronous and asynchronous APIs
- 💪 Strong default security parameters
- 🧪 Comprehensive test coverage with Jest
- 🔍 TypeScript-first development
| Objective | Status | Description |
|---|---|---|
| Cross-Platform Support | ✅ 100% | Full compatibility across Windows, macOS, and Linux |
| Security-First Design | ✅ 100% | Enforces secure defaults with simplified developer experience |
| Security Best Practices | 🚧 66% | Pending: GHSA integration |
npm install @deepmojo/crypto-core
# or for yarn
yarn add @deepmojo/crypto-corePro Tip: In newer versions of yarn, to get a local node_modules folder you will want yarn config set nodeLinker node-modules.
npm run build or yarn build: Compiles the TypeScript code using the tsconfig.json configuration file. This script is used to build the project and prepare it for distribution.
npm run build:typedoc:html: Generates HTML site documentation in ./docs as needed for generating the GitHub Pages documentation for this library.
npm run build:typedoc:json: Generates a typedoc.json in the root of the project, as needed for generating the static documentation for this library.
npm run test or yarn test: Runs the Jest test suite with verbose output and code coverage reporting. This script is used to test the project and ensure that it is working as expected.
Here's an example of how to use the CryptoCore library to encrypt and decrypt a string:
import CryptoCore, { CryptoCoreOptions } from "@deepmojo/crypto-core";
const options: CryptoCoreOptions = {
OUTER_PEPPER: 'pepper is the one true spice',
INNER_KEY_ITERATIONS: 1000,
};
const cryptoCore = new CryptoCore(options);
const secret = 'test';
// Encrypt
const encryptResult = cryptoCore.getEncryptedStringSync('Hello, World!', secret, cryptoCore.getRandomSalt());
// Decrypt
const decryptedString = cryptoCore.getDecryptedStringSync(
getHexStringFromBuffer(encryptResult.result),
secret,
salt,
encryptResult.iv,
encryptResult.authTag
);For more examples and usage scenarios, please refer to the tests in the src/tests directory.
- Chromium SafeStorage API wrapper
- OTP/TOTP/Authenticator
- Pin/pattern hashing and verification
- JWE/JWK authentication
- Windows Credential Locker
- HSM, TPM, PAM, MFA, 2FA
- Hardware security: FIDO U2F, WebAuthn/FIDO2, TrustKey, Yubikey
- macOS Secure Enclave integration
We welcome contributions! Please see our Contributing Guidelines for details.
For security concerns, please review our Security Policy.
This project adheres to Semantic Versioning.