crypt-util
A TypeScript/JavaScript API for dealing with cryptographic functions for browser and NodeJS. It implements the interface CryptUtil
.
The crypt-util library provides an implementation for local (on-device) usage, but is not responsible for the secure storage of any private keys. The local implementation creates derivable ECDSA keys which can also be used with an Ethereum network.
Installation
In an existing project (with package.json
), install crypt-util
npm install crypt-util --save
Usage
Creating, importing and exporting keys
A new (random) key can be created. This implementation allows for importing and exporting the keys, so that they can be stored on a local storage or used in an external lib.
// Create a new master keycryptUtils.createMasterPrivateKey // Export master key: Exporting the master key should only be used if the key must be stored locally,// crypt-util does not store private keys on the deviceconsole.logmasterPrivExtKey // Import master key (if to be restored from a local storage)cryptUtils.importMasterPrivateKeymasterPrivExtKey
Key derivation
Key derivation with the out-of-the-box implementation is done according to BIP0044. We use the derived private keys and addresses with an Ethereum blockchain. Key derivation takes as input the variables accountId
and keyId
.
The key path will be formed as follows m/44'/60'/<accountid>'/0'/<keyid>'
. The accountId
can be used if your application offers multiple accounts/profiles for one user. Leave accountId = 0
when unused.
// Derive private key: Should only be used if an external package requires direct usage of the keyconsole.logprivKey // Derive public keyconsole.logpubKey // Derive address: In this case a keccak256 hash conform Ethereum standardsconsole.logaddress
Signing and verifying
The secp256k1
signing algorithm is used over a keccak256
hash from a given payload. A hexadecimal representation of the signature is returned.
// Don't forget to import your private key! // Sign a payload with a derived keyconst signature = cryptUtilsconsole // Verify payload and signatureconst verified = cryptUtilsconsole
Different crypto algorithms
Build a new class yourself, implementing the crypt-util interface using the cryptographic algorithm of your choice. As of now, only the secp256k1 algorithm is available out-of-the-box.
Running tests
Besides unit testing with Mocha, the effectivity of all tests are also measured with the Stryker mutation testing framework.
npm run testnpm run stryker
We aim to achieve a coverage of 100%. Stryker and/or mocha test scores below 80% will fail the build.
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.
License and disclaimer
apache-2.0 with a notice.
We discourage the use of this work in production environments as it is in active development and not mature enough.