Logo

Core Primitives

The Core module provides the foundational cryptographic primitives and binary handling for the XyPriss Security framework. These operations are powered by a native Go engine for high performance and strict security standards.

Cipher (Compatibility)

A unified entry point that aggregates all core modules for convenience and backward compatibility.

typescript
import { Cipher } from "xypriss-security";

const bytes = Cipher.random.getRandomBytes(32);
const digest = Cipher.hash.create("data");
const apiKey = Cipher.XSec.generateAPIKey();

Hashing & Key Derivation

High-performance hashing, HMAC, and PBKDF2 operations via the Hash class.

Hash API
import { Hash } from "xypriss-security";

// Standard SHA-256 Hash
const hexHash = Hash.create("message");

// PBKDF2 Key Derivation
const key = Hash.create("password", {
  algorithm: "pbkdf2",
  iterations: 210000,
  outputFormat: "buffer",
});

// PKCE Challenge for OAuth2
const challenge = Hash.pkce("verifier-string-123");

Secure Random Generation

Cryptographically secure random generation for numbers and tokens.

Random API
import { Cipher } from "xypriss-security";

// Secure Integer [50, 150)
const secureInt = Cipher.random.Int(50, 150);

// High-Entropy Token
const token = Cipher.random.generateToken(32, { 
    includeSymbols: true,
    excludeSimilar: true 
});

Password Management (pm)

Configurable, instance-based secure password management using Argon2id by default.

Password Manager
import { pm } from "xypriss-security";

const passwords = new pm({
  algorithm: "argon2id",
  memoryCost: 65536,
  parallelism: 4,
  pepper: "app-secret-pepper",
});

const hash = await passwords.hash("user-password-123");
const isValid = await passwords.verify("user-password-123", hash);

// Evaluate password strength
const { score, suggestions } = passwords.strength("p@ssword!");

Secure Binary Handling

The SecureBuffer class extends standard Uint8Array with familiar encoding methods optimized for security contexts.

SecureBuffer Methods
  • toString("hex" | "base64" | "utf8" | "binary")
  • Accurate UTF-8 byte length validation via isValidByteLength
  • Hardware-bound memory sanitization for sensitive data
Ed25519 Signatures

High-performance EdDSA signature verification for digital integrity.