omari.mohamed

0 Followers · 0 Following

• Joined on 2025-08-05

Repositories Projects Packages Public Activity Starred Repositories

@taxi/crypto-utils (0.2.3)

Published 2025-09-12 09:53:01 +00:00 by omari.mohamed

Installation

Setup this registry in your project .npmrc file:

@taxi:registry=

To install the package using npm, run the following command:

npm install @taxi/crypto-utils@0.2.3

or add it to the package.json file:

"@taxi/crypto-utils": "0.2.3"

For more information on the npm registry, see the documentation.

About this package

@taxi/crypto-utils

Shared crypto utilities for Taxi apps.

Features:

• Password hashing with bcryptjs
• TOTP generation/verification with otplib
• AES-GCM symmetric encryption/decryption using Web Crypto API
• AES-256-CTR helpers (Node and CryptoJS) with user-specified IV

Install (local monorepo)

Add to an app package.json dependencies:

"@taxi/crypto-utils": "file:../packages/crypto-utils"

Then install in that app folder:

npm install

Usage

import { hashPassword, comparePassword, generateTotpSecret, generateTotpToken, verifyTotpToken, otpauthURL, encrypt, decrypt, encryptAesCtrNode, decryptAesCtrNode, encryptAesCtrJs, decryptAesCtrJs, generateIvHex, encryptNFCCard, decryptNFCCard } from '@taxi/crypto-utils';

// Passwords
const hash = await hashPassword('secret');
const ok = await comparePassword('secret', hash);

// TOTP
const secret = generateTotpSecret();
const token = generateTotpToken(secret);
const valid = verifyTotpToken(token, secret);
const url = otpauthURL(secret, 'user@example.com', 'Taxi');

// Symmetric
const payload = await encrypt('hello', 'passphrase');
const plain = await decrypt(payload, 'passphrase');

// AES-256-CTR (dynamic IV). Key must be 32 bytes hex (64 hex chars). IV must be 16 bytes.
const keyHex = '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef';
const ivUtf8 = 'zxfv3cr6stq7f2rx'; // 16 chars => 16 bytes (utf8)
const ivHex = generateIvHex(); // alternative random 16-byte hex IV

// Node crypto implementation (returns hex ciphertext)
const encHexNode = encryptAesCtrNode({ foo: 'bar' }, keyHex, ivUtf8);
const decNode = decryptAesCtrNode(encHexNode, keyHex, ivUtf8);

// CryptoJS implementation (compatible with above)
const encHexJs = encryptAesCtrJs({ foo: 'bar' }, keyHex, ivUtf8);
const decJs = decryptAesCtrJs(encHexJs, keyHex, ivUtf8);

// NFC Card payload (format: 64-hex rand + keyHex + 64-hex rand + cipherHex)
// WARNING: This format embeds the key in clear hex. Use only if this is the explicit protocol requirement.
const nfcPayload = encryptNFCCard({ balance: 1000 }, keyHex, ivUtf8);
const nfcData = decryptNFCCard(nfcPayload, ivUtf8);

Notes:

• AES-GCM helpers rely on the global Web Crypto API (globalThis.crypto), available in modern Node (>=18). In older environments, consider a polyfill or use Node's crypto module directly.
• AES-256-CTR helpers require a 32-byte key in hex (64 hex chars) and a 16-byte IV. You can pass the IV in utf8, hex, or let the helpers auto-detect with ivEncoding = 'auto' (default).
• NFC helpers format is 64-hex random + keyHex + 64-hex random + cipherHex. This intentionally places the key in clear hex to match the requested protocol; do not use in security-sensitive contexts unless mandated.

Dependencies

Dependencies

ID	Version
bcryptjs	^3.0.2
crypto-js	^4.2.0
otplib	^12.0.1

Development Dependencies

ID	Version
@types/bcryptjs	^2.4.6
@types/crypto-js	^4.2.2
@types/node	^20
rimraf	^6.0.1
tsup	^8.3.5
typescript	^5.6.3

Details

npm

2025-09-12 09:53:01 +00:00

21

MIT

latest

8.8 KiB

Assets (1)

crypto-utils-0.2.3.tgz 8.8 KiB

Versions (4) View all

0.2.3 2025-09-12

0.2.1 2025-09-12

0.2.0 2025-09-12

0.1.0 2025-09-12