{"id":18041632,"url":"https://github.com/katyo/tweetnacl-ts","last_synced_at":"2025-04-09T19:21:24.323Z","repository":{"id":31874866,"uuid":"130003581","full_name":"katyo/tweetnacl-ts","owner":"katyo","description":"Port of TweetNaCl cryptographic library to TypeScript (and ES6)","archived":false,"fork":false,"pushed_at":"2021-11-30T09:34:32.000Z","size":3231,"stargazers_count":11,"open_issues_count":2,"forks_count":6,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-23T21:11:28.252Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"unlicense","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/katyo.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.tweetnacl-js.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-18T04:26:03.000Z","updated_at":"2024-07-25T06:59:28.000Z","dependencies_parsed_at":"2022-08-07T17:00:33.114Z","dependency_job_id":null,"html_url":"https://github.com/katyo/tweetnacl-ts","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/katyo%2Ftweetnacl-ts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/katyo%2Ftweetnacl-ts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/katyo%2Ftweetnacl-ts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/katyo%2Ftweetnacl-ts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/katyo","download_url":"https://codeload.github.com/katyo/tweetnacl-ts/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248095188,"owners_count":21046808,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-30T16:11:08.511Z","updated_at":"2025-04-09T19:21:24.289Z","avatar_url":"https://github.com/katyo.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TweetNaCl in TypeScript (and ES6)\n\n[![npm version](https://badge.fury.io/js/tweetnacl-ts.svg)](https://badge.fury.io/js/tweetnacl-ts)\n[![npm downloads](https://img.shields.io/npm/dm/tweetnacl-ts.svg)](https://www.npmjs.com/package/tweetnacl-ts)\n[![Build Status](https://travis-ci.org/katyo/tweetnacl-ts.svg?branch=master)](https://travis-ci.org/katyo/tweetnacl-ts)\n\nPort of [TweetNaCl.js](https://tweetnacl.js.org) to **TypeScript** with several API changes for compatibility with Tree-Shaking to help modern JavaScript bundlers like Rollup and Webpack \u003e2.x attain much optimization.\n\nAlso includes:\n\n* [TweetNaCl-Auth.js](https://github.com/dchest/tweetnacl-auth-js)\n* [TweetNaCl-Utils.js](https://github.com/dchest/tweetnacl-util-js)\n* [BlakeJS](https://github.com/dcposch/blakejs)\n* [TweetNaCl-SealedBox.js](https://github.com/whs/tweetnacl-sealed-box)\n\n__NOTE: May be you need `crypto.getRandomValues()` polyfill for browsers which doesn't supported it.__\n\nDocumentation\n=============\n\n* [Overview](#overview)\n* [Usage](#usage)\n  * [Public-key authenticated encryption (box)](#public-key-authenticated-encryption-box)\n  * [Secret-key authenticated encryption (secretbox)](#secret-key-authenticated-encryption-secretbox)\n  * [Scalar multiplication](#scalar-multiplication)\n  * [Signatures](#signatures)\n  * [Hashing](#hashing)\n  * [Random bytes generation](#random-bytes-generation)\n  * [Constant-time comparison](#constant-time-comparison)\n* [System requirements](#system-requirements)\n* [Development and testing](#development-and-testing)\n\n\nOverview\n--------\n\nOriginally this project had been a port of `nacl-fast.js` to TypeScript.\nNow it also includes support of SealedBox and HMAC-Auth.\n\nUsage\n-----\n\nAll API functions accept and return bytes as `ByteArray`s (natively as `Uint8Array`s).\nIf you need to encode or decode strings, use functions `encodeUTF8/decodeUTF8`.\n\n\n### Public-key authenticated encryption (box)\n\nImplements *x25519-xsalsa20-poly1305*.\n\n#### box\\_keyPair()\n\nGenerates a new random key pair for box and returns it as an object with\n`publicKey` and `secretKey` members:\n\n```typescript\ninterface BoxKeyPair {\n    publicKey: ByteArray; // Array with 32-byte public key\n    secretKey: ByteArray; // Array with 32-byte secret key\n}\n```\n\n#### box\\_keyPair\\_fromSecretKey(secretKey)\n\nReturns a key pair for box with public key corresponding to the given secret\nkey.\n\n#### box(message, nonce, theirPublicKey, mySecretKey)\n\nEncrypts and authenticates message using peer's public key, our secret key, and\nthe given nonce, which must be unique for each distinct message for a key pair.\n\nReturns an encrypted and authenticated message, which is\n`BoxLength.Overhead` longer than the original message.\n\n#### box\\_open(box, nonce, theirPublicKey, mySecretKey)\n\nAuthenticates and decrypts the given box with peer's public key, our secret\nkey, and the given nonce.\n\nReturns the original message, or `undefined` if authentication fails.\n\n#### box\\_before(theirPublicKey, mySecretKey)\n\nReturns a precomputed shared key which can be used in `box_after` and\n`box_open_after`.\n\n#### box\\_after(message, nonce, sharedKey)\n\nSame as `box`, but uses a shared key precomputed with `box_before`.\n\n#### box\\_open\\_after(box, nonce, sharedKey)\n\nSame as `box_open`, but uses a shared key precomputed with `box_before`.\n\n#### Constants\n\n##### BoxLength.PublicKey = 32\n\nLength of public key in bytes.\n\n##### BoxLength.SecretKey = 32\n\nLength of secret key in bytes.\n\n##### BoxLength.SharedKey = 32\n\nLength of precomputed shared key in bytes.\n\n##### BoxLength.Nonce = 24\n\nLength of nonce in bytes.\n\n##### BoxLength.Overhead = 16\n\nLength of overhead added to box compared to original message.\n\n\n### Secret-key authenticated encryption (secretbox)\n\nImplements *xsalsa20-poly1305*.\n\n#### secretbox(message, nonce, key)\n\nEncrypts and authenticates message using the key and the nonce. The nonce must\nbe unique for each distinct message for this key.\n\nReturns an encrypted and authenticated message, which is\n`SecretBox.Overhead` longer than the original message.\n\n#### secretbox\\_open(box, nonce, key)\n\nAuthenticates and decrypts the given secret box using the key and the nonce.\n\nReturns the original message, or `undefined` if authentication fails.\n\n#### Constants\n\n##### SecretBoxLength.Key = 32\n\nLength of key in bytes.\n\n##### SecretBoxLength.Nonce = 24\n\nLength of nonce in bytes.\n\n##### SecretBoxLength.Overhead = 16\n\nLength of overhead added to secret box compared to original message.\n\n\n### Sealed box encryption\n\nSealed boxes are designed to anonymously send messages\nto a recipient given its public key.\n\n#### sealedbox(message, publicKey)\n\nEncrypts message using the recipient's public key.\n\nReturns an encrypted message, which is `SealedBox.Overhead`\nlonger than the original message.\n\n#### sealedbox\\_open(box, publicKey, secretKey)\n\nDecrypts the given sealed box using the recipient's key pair.\n\nReturns the original message, or `undefined` if decryption fails.\n\n#### Constants\n\n##### SealedBoxLength.PublicKey = 32\n\nLength of public key of recipient in bytes.\n\n##### SealedBoxLength.SecretKey = 32\n\nLength of secret key of recipient in bytes.\n\n##### SealedBoxLength.Nonce = 24\n\nLength of nonce in bytes.\n\n##### SealedBoxLength.Overhead = 48\n\nLength of overhead added to box compared to original message.\n\n\n### Scalar multiplication\n\nImplements *x25519*.\n\n#### scalarMult(n, p)\n\nMultiplies an integer `n` by a group element `p` and returns the resulting\ngroup element.\n\n#### scalarMult\\_base(n)\n\nMultiplies an integer `n` by a standard group element and returns the resulting\ngroup element.\n\n#### Constants\n\n##### ScalarMultLength.Scalar = 32\n\nLength of scalar in bytes.\n\n##### ScalarMultLength.GroupElement = 32\n\nLength of group element in bytes.\n\n\n### Signatures\n\nImplements [ed25519](http://ed25519.cr.yp.to).\n\n#### sign\\_keyPair()\n\nGenerates new random key pair for signing and returns it as an object with\n`publicKey` and `secretKey` members:\n\n```typescript\ninterface SignKeyPair {\n    publicKey: ByteArray; // Array with 32-byte public key\n    secretKey: ByteArray; // Array with 64-byte secret key\n}\n```\n\n#### sign\\_keyPair\\_fromSecretKey(secretKey)\n\nReturns a signing key pair with public key corresponding to the given\n64-byte secret key. The secret key must have been generated by\n`sign_keyPair` or `sign_keyPair_fromSeed`.\n\n#### sign\\_keyPair\\_fromSeed(seed)\n\nReturns a new signing key pair generated deterministically from a 32-byte seed.\nThe seed must contain enough entropy to be secure. This method is not\nrecommended for general use: instead, use `sign_keyPair` to generate a new\nkey pair from a random seed.\n\n#### sign(message, secretKey)\n\nSigns the message using the secret key and returns a signed message.\n\n#### sign\\_open(signedMessage, publicKey)\n\nVerifies the signed message and returns the message without signature.\n\nReturns `undefined` if verification failed.\n\n#### sign\\_detached(message, secretKey)\n\nSigns the message using the secret key and returns a signature.\n\n#### sign\\_detached\\_verify(message, signature, publicKey)\n\nVerifies the signature for the message and returns `true` if verification\nsucceeded or `false` if it failed.\n\n#### Constants\n\n##### SignLength.PublicKey = 32\n\nLength of signing public key in bytes.\n\n##### SignLength.SecretKey = 64\n\nLength of signing secret key in bytes.\n\n##### SignLength.Seed = 32\n\nLength of seed for `sign_keyPair_fromSeed` in bytes.\n\n##### SignLength.Signature = 64\n\nLength of signature in bytes.\n\n\n### Hashing\n\nImplements *SHA-512*.\n\n#### hash(message)\n\nReturns SHA-512 hash of the message.\n\n#### Constants\n\n##### HashLength.Hash = 64\n\nLength of hash in bytes.\n\n### Authenticating\n\nImplements *HMAC-SHA-512-256*\n\n#### auth(message, key)\n\nAuthenticates the given message with the secret key.\n(In other words, returns HMAC-SHA-512-256 of the message under the key.)\n\n#### auth\\_full(message, key)\n\nReturns HMAC-SHA-512 (without truncation) of the message under the key\n\n#### AuthLength.Auth = 32\n\nLength of authenticator returned by `auth`.\n\n#### AuthLength.AuthFull = 64\n\nLength of authenticator returned by `auth_full`.\n\n#### AuthLength.Key = 32\n\nLength of key for `auth` and `auth_full` (key length is currently not\nenforced).\n\n\n### Random bytes generation\n\n#### randomBytes(length)\n\nReturns a `ByteArray` of the given length containing random bytes of\ncryptographic quality.\n\n**Implementation note**\n\nTweetNaCl.js uses the following methods to generate random bytes,\ndepending on the platform it runs on:\n\n* `window.crypto.getRandomValues` (WebCrypto standard)\n* `window.msCrypto.getRandomValues` (Internet Explorer 11)\n* `crypto.randomBytes` (Node.js)\n\nIf the platform doesn't provide a suitable PRNG, the following functions,\nwhich require random numbers, will throw exception:\n\n* `randomBytes`\n* `box_keyPair`\n* `sign_keyPair`\n\nOther functions are deterministic and will continue working.\n\n### Constant-time comparison\n\n#### verify(x, y)\n\nCompares `x` and `y` in constant time and returns `true` if their lengths are\nnon-zero and equal, and their contents are equal.\n\nReturns `false` if either of the arguments has zero length, or arguments have\ndifferent lengths, or their contents differ.\n\n\nSystem requirements\n-------------------\n\nTweetNaCl.js supports modern browsers that have a cryptographically secure\npseudorandom number generator and typed arrays, including the latest versions\nof:\n\n* Chrome\n* Firefox\n* Safari (Mac, iOS)\n* Internet Explorer 11\n\nOther systems:\n\n* Node.js\n\n\nDevelopment and testing\n------------------------\n\nInstall NPM modules needed for development:\n\n    $ npm install\n\nTo build js run compilation:\n\n    $ npm run compile\n\n### Testing\n\nTo run tests in Node:\n\n    $ npm run test-node\n\nTo run tests in browsers and Node (CI-mode):\n\n    $ npm run test\n\nTo run tests in browsers and Node (Dev-mode):\n\n    $ npm run test-dev\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkatyo%2Ftweetnacl-ts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkatyo%2Ftweetnacl-ts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkatyo%2Ftweetnacl-ts/lists"}