WebAssembly port of Aes128Ctr128Be and ChaCha20Poly1305 encryption algorithms
npm i @hazae41/zeparNode Package 📦 • Deno Module 🦖 • Next.js CodeSandbox 🪣
- Aes128Ctr128Be from RustCrypto (aes, ctr) (audited)
- ChaCha20Poly1305 from RustCrypto (chacha20poly1305)
- Reproducible building
- Pre-bundled and streamed
- Zero-copy memory slices
import { Zepar, Aes128Ctr128BEKey } from "@hazae41/zepar";
import { randomBytes } from "crypto";
// Wait for WASM to load
await Zepar.initBundledOnce()
// Random key
const key = randomBytes(16)
// Random IV
const iv = randomBytes(16)
// Build a cipher from key and IV
const cipher = new Aes128Ctr128BEKey(key, iv)
// Byte arrays to encrypt
const hello = new TextEncoder().encode("Hello World")
// Encrypt with counter = 0
const encrypted0 = cipher.apply_keystream(hello).copyAndDispose()
// Encrypt with counter = 1
const encrypted1 = cipher.apply_keystream(hello).copyAndDispose()
// encrypted0 !== encrypted1
console.log(encrypted0, encrypted1)
cipher.free()You need to install Rust
Then, install wasm-pack
cargo install wasm-packFinally, do a clean install and build
npm ci && npm run buildYou can build the exact same bytecode using Docker, just be sure you're on a linux/amd64 host
docker compose up --buildThen check that all the files are the same using git status
git status --porcelainIf the output is empty then the bytecode is the same as the one I commited
Each time I commit to the repository, the GitHub's CI does the following:
- Clone the repository
- Reproduce the build using
docker compose up --build - Throw an error if the
git status --porcelainoutput is not empty
Each time I release a new version tag on GitHub, the GitHub's CI does the following:
- Clone the repository
- Do not reproduce the build, as it's already checked by the task above
- Throw an error if there is a
npm diffbetween the cloned repository and the same version tag on NPM
If a version is present on NPM but not on GitHub, do not use!