A JavaScript/TypeScript Implementation Of The Complete Secure Hash Sta

jsSHA

A pure TypeScript/JavaScript streaming implementation of the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC.

Usage

More complete documentation can be found on the jsSHA Wiki but below are common use-cases.

Installation

Browser

Include the desired JavaScript file (sha.js, sha1.js, sha256.js, sha512.js, or sha3.js) in your header:

<script type="text/javascript" src="/path/to/sha.js"></script>

Node.js

jsSHA is available through NPM and be installed by simply doing

npm install jssha

To use the module, first require it using:

const jsSHA = require("jssha");
/* The limited variant files are also exported (sha1, sha256, sha512, and sha3)
 * using conditional subpath exports in Node.js v13+ or using --experimental-modules
 * in v12 */
const jsSHA1 = require("jssha/sha1");
/* For Node.js versions that don't support subpath exports, you can do the
 * following instead: */
const jsSHA1 = require("jssha/dist/sha1");
/* Alternatively, you can load it as an ESM (Node.js v13+ or using
 * --experimental-modules in v12) */
import jsSHA from "jssha";

Hashing

Instantiate a new jsSHA object with the desired hash variant, input format, and options as parameters. The hash variant can be one of SHA-1, SHA-224, SHA3-224, SHA-256, SHA3-256, SHA-384, SHA3-384, SHA-512, SHA3-512, SHAKE128, or SHAKE256. The input format can be one of HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY. You can then stream in input using the update object function, calling it multiple times if needed. Finally, simply call getHash with the output type as a parameter (B64, HEX, BYTES, ARRAYBUFFER, or UINT8ARRAY). Example to calculate the SHA-512 of "This is a test":

const shaObj = new jsSHA("SHA-512", "TEXT", { encoding: "UTF8" });
/* .update() can be chained */
shaObj.update("This is").update(" a ");
shaObj.update("test");
const hash = shaObj.getHash("HEX");

The constructor takes a hashmap as a optional third argument with defaults {"encoding" : "UTF8", "numRounds" : 1}. numRounds controls the number of hashing iterations/rounds performed and encoding specifies the encoding used to encode TEXT-type inputs. Valid encoding values are "UTF8", "UTF16BE", and "UTF16LE".

getHash also takes a hashmap as an optional second argument with defaults {"outputUpper" : false, "b64Pad" : "="}. outputUpper is only used for "HEX" outputs and b64Pad only for "B64" outputs.

Important: SHAKE128 and SHAKE256 require outputLen to be in the hashmap where outputLen is the desired output length of the SHAKE algorithm in a multiple of 8 bits.

HMAC

Instantiate a new jsSHA object similiar to hashing but with the third argument in the form of { "hmacKey": { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. You can stream in the input using the update object function just like hashing. Finally, get the HMAC by calling the getHash function with the output type as its argument. Example to calculate the SHA-512 HMAC of the string "This is a test" with the key "abc":

const shaObj = new jsSHA("SHA-512", "TEXT", {
  hmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const hmac = shaObj.getHash("HEX");

Note: You cannot specify numRounds with HMAC.

cSHAKE

Instantiate a new jsSHA object similiar to HMAC but first argument being either "CSHAKE128" or "CSHAKE256" and the third argument in the form of { "customization"?: { "value": VALUE, "format": FORMAT }, "funcName"?: { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. Per the NIST specification, both customization and funcName are optional. You can stream in the input using the update object function just like hashing. Finally, get the hash by calling the getHash function with the output type and length as arguments. Example to calculate the cSHAKE128 of the string "This is a test" with the customization string "My Tagged Application" and an output size of 256-bits.

const shaObj = new jsSHA("CSHAKE128", "TEXT", {
  customization: { value: "My Tagged Application", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const cshake = shaObj.getHash("HEX", { outputLen: 256 });

Note: You cannot specify numRounds with cSHAKE.

Important: outputLen is required to be in the hashmap where outputLen is the desired output length of the cSHAKE algorithm in a multiple of 8 bits.

KMAC

Instantiate a new jsSHA object similiar to cSHAKE but first argument being either "KMAC128" or "KMAC256" and the third argument in the form of { "customization"?: { "value": VALUE, "format": FORMAT }, "kmacKey?: { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. Per the NIST specification customization is optional whereas kmacKey is required. You can stream in the input using the update object function just like hashing. Finally, get the hash by calling the getHash function with the output type and length as arguments. Example to calculate the KMAC128 of the string "This is a test" with the customization string "My Tagged Application", key "abc", and an output size of 256-bits.

const shaObj = new jsSHA("KMAC128", "TEXT", {
  customization: { value: "My Tagged Application", format: "TEXT" },
  kmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const kmac = shaObj.getHash("HEX", { outputLen: 256 });

Note: You cannot specify numRounds with KMAC.

Important: outputLen is required to be in the hashmap where outputLen is the desired output length of the KMAC algorithm in a multiple of 8 bits.

Files

• dist/sha.js - The minified ECMAScript 3 (ES3) compatible Universal Module Definition (UMD) version of the library with support for all hash variants. Its accompanying source map can be found in dist/sha.js.map and its TypeScript declarations in dist/sha.d.ts.
• dist/sha.mjs - The minified ECMAScript 2015 (ES6) compatible ESM version of the library with support for all hash variants. Its accompanying source map can be found in dist/sha.mjs.map and its TypeScript declarations in dist/sha.d.ts.
• dist/sha1.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-1 hash variant. Its accompanying TypeScript declarations can be found in dist/sha1.d.ts.
• dist/sha256.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-224 and SHA-256 hash variants. Its accompanying TypeScript declarations can be found in dist/sha256.d.ts.
• dist/sha512.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-384 and SHA-512 hash variants. Its accompanying TypeScript declarations can be found in dist/sha513.d.ts.
• dist/sha3.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256, cSHAKE128, cSHAKE256, KMAC128, and KMAC256 hash variants. Its accompanying TypeScript declarations can be found in dist/sha3.d.ts.

Contact Info

The project's website is located at https://caligatio.github.io/jsSHA/

Download Details:

Author: Caligatio
Source Code: https://github.com/Caligatio/jsSHA 
License: BSD-3-Clause license

#typescript #javascript #cryptography #hash

What is GEEK

Buddha Community

A JavaScript/TypeScript Implementation Of The Complete Secure Hash Sta

jsSHA

A pure TypeScript/JavaScript streaming implementation of the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC.

Usage

More complete documentation can be found on the jsSHA Wiki but below are common use-cases.

Installation

Browser

Include the desired JavaScript file (sha.js, sha1.js, sha256.js, sha512.js, or sha3.js) in your header:

<script type="text/javascript" src="/path/to/sha.js"></script>

Node.js

jsSHA is available through NPM and be installed by simply doing

npm install jssha

To use the module, first require it using:

const jsSHA = require("jssha");
/* The limited variant files are also exported (sha1, sha256, sha512, and sha3)
 * using conditional subpath exports in Node.js v13+ or using --experimental-modules
 * in v12 */
const jsSHA1 = require("jssha/sha1");
/* For Node.js versions that don't support subpath exports, you can do the
 * following instead: */
const jsSHA1 = require("jssha/dist/sha1");
/* Alternatively, you can load it as an ESM (Node.js v13+ or using
 * --experimental-modules in v12) */
import jsSHA from "jssha";

Hashing

Instantiate a new jsSHA object with the desired hash variant, input format, and options as parameters. The hash variant can be one of SHA-1, SHA-224, SHA3-224, SHA-256, SHA3-256, SHA-384, SHA3-384, SHA-512, SHA3-512, SHAKE128, or SHAKE256. The input format can be one of HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY. You can then stream in input using the update object function, calling it multiple times if needed. Finally, simply call getHash with the output type as a parameter (B64, HEX, BYTES, ARRAYBUFFER, or UINT8ARRAY). Example to calculate the SHA-512 of "This is a test":

const shaObj = new jsSHA("SHA-512", "TEXT", { encoding: "UTF8" });
/* .update() can be chained */
shaObj.update("This is").update(" a ");
shaObj.update("test");
const hash = shaObj.getHash("HEX");

The constructor takes a hashmap as a optional third argument with defaults {"encoding" : "UTF8", "numRounds" : 1}. numRounds controls the number of hashing iterations/rounds performed and encoding specifies the encoding used to encode TEXT-type inputs. Valid encoding values are "UTF8", "UTF16BE", and "UTF16LE".

getHash also takes a hashmap as an optional second argument with defaults {"outputUpper" : false, "b64Pad" : "="}. outputUpper is only used for "HEX" outputs and b64Pad only for "B64" outputs.

Important: SHAKE128 and SHAKE256 require outputLen to be in the hashmap where outputLen is the desired output length of the SHAKE algorithm in a multiple of 8 bits.

HMAC

Instantiate a new jsSHA object similiar to hashing but with the third argument in the form of { "hmacKey": { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. You can stream in the input using the update object function just like hashing. Finally, get the HMAC by calling the getHash function with the output type as its argument. Example to calculate the SHA-512 HMAC of the string "This is a test" with the key "abc":

const shaObj = new jsSHA("SHA-512", "TEXT", {
  hmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const hmac = shaObj.getHash("HEX");

Note: You cannot specify numRounds with HMAC.

cSHAKE

Instantiate a new jsSHA object similiar to HMAC but first argument being either "CSHAKE128" or "CSHAKE256" and the third argument in the form of { "customization"?: { "value": VALUE, "format": FORMAT }, "funcName"?: { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. Per the NIST specification, both customization and funcName are optional. You can stream in the input using the update object function just like hashing. Finally, get the hash by calling the getHash function with the output type and length as arguments. Example to calculate the cSHAKE128 of the string "This is a test" with the customization string "My Tagged Application" and an output size of 256-bits.

const shaObj = new jsSHA("CSHAKE128", "TEXT", {
  customization: { value: "My Tagged Application", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const cshake = shaObj.getHash("HEX", { outputLen: 256 });

Note: You cannot specify numRounds with cSHAKE.

Important: outputLen is required to be in the hashmap where outputLen is the desired output length of the cSHAKE algorithm in a multiple of 8 bits.

KMAC

Instantiate a new jsSHA object similiar to cSHAKE but first argument being either "KMAC128" or "KMAC256" and the third argument in the form of { "customization"?: { "value": VALUE, "format": FORMAT }, "kmacKey?: { "value": VALUE, "format": FORMAT } }. FORMAT takes the same values as the input format from hashing and the VALUE is then either a string, ArrayBuffer, or Uint8Array. Per the NIST specification customization is optional whereas kmacKey is required. You can stream in the input using the update object function just like hashing. Finally, get the hash by calling the getHash function with the output type and length as arguments. Example to calculate the KMAC128 of the string "This is a test" with the customization string "My Tagged Application", key "abc", and an output size of 256-bits.

const shaObj = new jsSHA("KMAC128", "TEXT", {
  customization: { value: "My Tagged Application", format: "TEXT" },
  kmacKey: { value: "abc", format: "TEXT" },
});
shaObj.update("This is a ");
shaObj.update("test");
const kmac = shaObj.getHash("HEX", { outputLen: 256 });

Note: You cannot specify numRounds with KMAC.

Important: outputLen is required to be in the hashmap where outputLen is the desired output length of the KMAC algorithm in a multiple of 8 bits.

Files

• dist/sha.js - The minified ECMAScript 3 (ES3) compatible Universal Module Definition (UMD) version of the library with support for all hash variants. Its accompanying source map can be found in dist/sha.js.map and its TypeScript declarations in dist/sha.d.ts.
• dist/sha.mjs - The minified ECMAScript 2015 (ES6) compatible ESM version of the library with support for all hash variants. Its accompanying source map can be found in dist/sha.mjs.map and its TypeScript declarations in dist/sha.d.ts.
• dist/sha1.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-1 hash variant. Its accompanying TypeScript declarations can be found in dist/sha1.d.ts.
• dist/sha256.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-224 and SHA-256 hash variants. Its accompanying TypeScript declarations can be found in dist/sha256.d.ts.
• dist/sha512.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA-384 and SHA-512 hash variants. Its accompanying TypeScript declarations can be found in dist/sha513.d.ts.
• dist/sha3.{js,mjs} - The minified UMD and ESM versions of the library with support for only the SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256, cSHAKE128, cSHAKE256, KMAC128, and KMAC256 hash variants. Its accompanying TypeScript declarations can be found in dist/sha3.d.ts.

Contact Info

The project's website is located at https://caligatio.github.io/jsSHA/

Download Details:

Author: Caligatio
Source Code: https://github.com/Caligatio/jsSHA 
License: BSD-3-Clause license

#typescript #javascript #cryptography #hash

Best Custom Web & Mobile App Development Company

Everything around us has become smart, like smart infrastructures, smart cities, autonomous vehicles, to name a few. The innovation of smart devices makes it possible to achieve these heights in science and technology. But, data is vulnerable, there is a risk of attack by cybercriminals. To get started, let’s know about IoT devices.

What are IoT devices?

The Internet Of Things(IoT) is a system that interrelates computer devices like sensors, software, and actuators, digital machines, etc. They are linked together with particular objects that work through the internet and transfer data over devices without humans interference.

Famous examples are Amazon Alexa, Apple SIRI, Interconnected baby monitors, video doorbells, and smart thermostats.

How could your IoT devices be vulnerable?

When technologies grow and evolve, risks are also on the high stakes. Ransomware attacks are on the continuous increase; securing data has become the top priority.

When you think your smart home won’t fudge a thing against cybercriminals, you should also know that they are vulnerable. When cybercriminals access our smart voice speakers like Amazon Alexa or Apple Siri, it becomes easy for them to steal your data.

Cybersecurity report 2020 says popular hacking forums expose 770 million email addresses and 21 million unique passwords, 620 million accounts have been compromised from 16 hacked websites.

The attacks are likely to increase every year. To help you secure your data of IoT devices, here are some best tips you can implement.

Tips to secure your IoT devices

1. Change Default Router Name

Your router has the default name of make and model. When we stick with the manufacturer name, attackers can quickly identify our make and model. So give the router name different from your addresses, without giving away personal information.

2. Know your connected network and connected devices

If your devices are connected to the internet, these connections are vulnerable to cyber attacks when your devices don’t have the proper security. Almost every web interface is equipped with multiple devices, so it’s hard to track the device. But, it’s crucial to stay aware of them.

3. Change default usernames and passwords

When we use the default usernames and passwords, it is attackable. Because the cybercriminals possibly know the default passwords come with IoT devices. So use strong passwords to access our IoT devices.

4. Manage strong, Unique passwords for your IoT devices and accounts

Use strong or unique passwords that are easily assumed, such as ‘123456’ or ‘password1234’ to protect your accounts. Give strong and complex passwords formed by combinations of alphabets, numeric, and not easily bypassed symbols.

Also, change passwords for multiple accounts and change them regularly to avoid attacks. We can also set several attempts to wrong passwords to set locking the account to safeguard from the hackers.

5. Do not use Public WI-FI Networks

Are you try to keep an eye on your IoT devices through your mobile devices in different locations. I recommend you not to use the public WI-FI network to access them. Because they are easily accessible through for everyone, you are still in a hurry to access, use VPN that gives them protection against cyber-attacks, giving them privacy and security features, for example, using Express VPN.

6. Establish firewalls to discover the vulnerabilities

There are software and firewalls like intrusion detection system/intrusion prevention system in the market. This will be useful to screen and analyze the wire traffic of a network. You can identify the security weakness by the firewall scanners within the network structure. Use these firewalls to get rid of unwanted security issues and vulnerabilities.

7. Reconfigure your device settings

Every smart device comes with the insecure default settings, and sometimes we are not able to change these default settings configurations. These conditions need to be assessed and need to reconfigure the default settings.

8. Authenticate the IoT applications

Nowadays, every smart app offers authentication to secure the accounts. There are many types of authentication methods like single-factor authentication, two-step authentication, and multi-factor authentication. Use any one of these to send a one time password (OTP) to verify the user who logs in the smart device to keep our accounts from falling into the wrong hands.

9. Update the device software up to date

Every smart device manufacturer releases updates to fix bugs in their software. These security patches help us to improve our protection of the device. Also, update the software on the smartphone, which we are used to monitoring the IoT devices to avoid vulnerabilities.

10. Track the smartphones and keep them safe

When we connect the smart home to the smartphone and control them via smartphone, you need to keep them safe. If you miss the phone almost, every personal information is at risk to the cybercriminals. But sometimes it happens by accident, makes sure that you can clear all the data remotely.

However, securing smart devices is essential in the world of data. There are still cybercriminals bypassing the securities. So make sure to do the safety measures to avoid our accounts falling out into the wrong hands. I hope these steps will help you all to secure your IoT devices.

If you have any, feel free to share them in the comments! I’d love to know them.

Are you looking for more? Subscribe to weekly newsletters that can help your stay updated IoT application developments.

#iot #enterprise iot security #how iot can be used to enhance security #how to improve iot security #how to protect iot devices from hackers #how to secure iot devices #iot security #iot security devices #iot security offerings #iot security technologies iot security plus #iot vulnerable devices #risk based iot security program

Learn Object Key iteration in JavaScript and TypeScript

Looping through an object by its keys is a common task for many #JavaScript developers. In this lesson we discuss why your assumptions can break when migrating your code to #TypeScript and a quick fix you can use if you trust you code completely 🌹

#typescript #javascript 

The Definitive Guide to TypeScript & Possibly The Best TypeScript Book

TypeScript Deep Dive

I've been looking at the issues that turn up commonly when people start using TypeScript. This is based on the lessons from Stack Overflow / DefinitelyTyped and general engagement with the TypeScript community. You can follow for updates and don't forget to ★ on GitHub 🌹

Reviews

• Thanks for the wonderful book. Learned a lot from it. (link)
• Its probably the Best TypeScript book out there. Good Job (link)
• Love how precise and clear the examples and explanations are! (link)
• For the low, low price of free, you get pages of pure awesomeness. Chock full of source code examples and clear, concise explanations, TypeScript Deep Dive will help you learn TypeScript development. (link)
• Just a big thank you! Best TypeScript 2 detailed explanation! (link)
• This gitbook got my project going pronto. Fluent easy read 5 stars. (link)
• I recommend the online #typescript book by @basarat you'll love it.(link)
• I've always found this by @basarat really helpful. (link)
• We must highlight TypeScript Deep Dive, an open source book.(link)
• Great online resource for learning. (link)
• Thank you for putting this book together, and for all your hard work within the TypeScript community. (link)
• TypeScript Deep Dive is one of the best technical texts I've read in a while. (link)
• Thanks @basarat for the TypeScript Deep Dive Book. Help me a lot with my first TypeScript project. (link)
• Thanks to @basarat for this great #typescript learning resource. (link)
• Guyz excellent book on Typescript(@typescriptlang) by @basarat (link)
• Leaning on the legendary @basarat's "TypeScript Deep Dive" book heavily at the moment (link)
• numTimesPointedPeopleToBasaratsTypeScriptBook++; (link)
• A book not only for typescript, a good one for deeper JavaScript knowledge as well. link
• In my new job, we're using @typescriptlang, which I am new to. This is insanely helpful huge thanks, @basarat! link
• Thank you for writing TypeScript Deep Dive. I have learned so much. link
• Loving @basarat's @typescriptlang online book basarat.gitbooks.io/typescript/# loaded with great recipes! link
• Microsoft doc is great already, but if want to "dig deeper" into TypeScript I find this book of great value link
• Thanks, this is a great book 🤓🤓 link
• Deep dive to typescript is awesome in so many levels. i find it very insightful. Thanks link
• @basarat's intro to @typescriptlang is still one of the best going (if not THE best) link
•  
• This is sweet! So many #typescript goodies! link

Get Started

If you are here to read the book online get started.

Translations

Book is completely free so you can copy paste whatever you want without requiring permission. If you have a translation you want me to link here. Send a PR.

• Filipino
• Italian
• Chinese
• Russian
• Portuguese
• Japanese
• Spanish
• Korean
• French
• Polish
• Thai

Other Options

You can also download one of the Epub, Mobi, or PDF formats from the actions tab by clicking on the latest build run. You will find the files in the artifacts section.

Special Thanks

All the amazing contributors 🌹

Share

Share URL: https://basarat.gitbook.io/typescript/

Author: Basarat
Source Code: https://github.com/basarat/typescript-book/ 
License: View license

#typescript #opensource 

TypeScript option you want to enable beyond strict : noUncheckedIndexedAccess

strict (and its sub flag strictNullChecks) can really help prevent null and undefined errors in your runtime #JavaScript. However, it doesn't defend against invalid array and object access.

In this lesson we look at a flag that protects against rogue undefined that might end up in your #TypeScript if this flag is not enabled 

#typescript #javascript