@breadstone/archipel-platform-cryptography
Classes
| Class | Description |
|---|---|
| BcryptService | The BcryptService class. Provides bcrypt hashing and comparison with configurable salt rounds, optional pepper (HMAC pre-hash), and SHA-256 pre-hash for passwords exceeding bcrypt's 72-byte input limit. |
| CryptographyError | Base class for cryptography-related domain errors. |
| CryptoService | The CryptoService class. Represents the service that provides cryptographic operations. |
| InvalidOtpError | Thrown when an OTP token fails verification. |
| OtpService | OTP service implementation backed by otplib v13. |
| WeakPasswordError | Thrown when a password does not meet the minimum strength requirements. |
Interfaces
| Interface | Description |
|---|---|
| IBcryptOptions | Configuration options for BcryptService. |
| IOtpOptions | Configuration options for OtpService. |
| IOtpService | Abstraction over OTP (One-Time Password) operations. |
| IOtpUriOptions | Options for generating an OTP authentication URI (otpauth://). |
Variables
| Variable | Description |
|---|---|
| BCRYPT_OPTIONS | Injection token for bcrypt options. |
| MAX_BCRYPT_PASSWORD_BYTES | Maximum password byte length that bcrypt processes without truncation. |
| MIN_BCRYPT_ROUNDS | Minimum number of bcrypt salt rounds enforced by the service (OWASP ≥ 12). |
| OTP_OPTIONS | Injection token for OTP service options. |
| OTP_SERVICE_TOKEN | Injection token for the OTP service abstraction. |
| TOTP_EPOCH_TOLERANCE | Default TOTP verification tolerance expressed in seconds (otplib v13 epochTolerance). |