A comprehensive TypeScript security library providing cryptographic primitives and utilities with a focus on type safety, security, performance, and modern best practices.

• 🔒 Cryptographic Primitives

  • AES encryption (128/192/256-bit) with multiple modes (ECB, CBC, CFB, OFB, CTR, GCM)
  • SHA-2 family hash functions (SHA-256, SHA-384, SHA-512)
  • HMAC message authentication
  • RSA encryption and signing
  • Ed25519 digital signatures

• 🛡️ Secure Random Number Generation

  • Fortuna CSPRNG implementation
  • Multiple entropy sources
  • Automatic reseeding
  • Browser and Bun / Node.js support

• 📜 Certificate Management

  • X.509 certificate handling
  • PEM encoding/decoding
  • Certificate signing request (CSR) creation
  • Certificate chain validation

• 🔐 TLS/SSL Support

  • TLS protocol implementation
  • Secure socket connections
  • Certificate-based authentication
  • Modern cipher suite support

• 🎯 Type Safety

  • Full TypeScript support
  • Comprehensive type definitions
  • Strict type checking
  • Modern ES6+ features

• 🧰 Utilities

  • Base-N encoding (Base64, Base58, etc.)
  • ASN.1 encoding/decoding
  • BigInteger arithmetic
  • Buffer manipulation

# bun bun install ts-security # npm npm install ts-security # pnpm pnpm install ts-security

After installing the package, you can import and use the various cryptographic functions:

import { aes, ed25519, hmac, pki, random, rsa, sha256, sha512, tls } from 'ts-security' // AES Encryption const cipher = aes.createCipher('AES-GCM', key) cipher.start({ iv }) cipher.update(data) const encrypted = cipher.finish() // SHA-256 Hashing const md = sha256.create() md.update('Hello, World!') const hash = md.digest().toHex() // Secure Random Numbers const bytes = random.getBytesSync(32) // RSA Key Generation const keypair = rsa.generateKeyPair({ bits: 2048 }) // Digital Signatures const signature = ed25519.sign(message, privateKey) const isValid = ed25519.verify(signature, message, publicKey) // Certificate Operations const cert = pki.createCertificate() cert.publicKey = keypair.publicKey cert.sign(keypair.privateKey) // TLS Connections const connection = tls.connect({ server: host, port: 443, caStore: [/* trusted certificates */] })

For more detailed examples and API documentation, please visit our documentation.

bun test

Please see our releases page for more information on what has changed recently.

Please review the Contributing Guide for details.

For help, discussion about best practices, or any other conversation that would benefit from being searchable:

Discussions on GitHub

For casual chit-chat with others using this package:

Join the Stacks Discord Server

“Software that is free, but hopes for a postcard.” We love receiving postcards from around the world showing where ts-security is being used! We showcase them on our website too.

Our address: Stacks.js, 12665 Village Ln #2306, Playa Vista, CA 90094, United States 🌎

We would like to extend our thanks to the following sponsors for funding Stacks development. If you are interested in becoming a sponsor, please reach out to us.

• JetBrains
• The Solana Foundation

• Dave Longley
• node-forge
• Chris Breuer
• All Contributors

The MIT License (MIT). Please see LICENSE for more information.

Made with 💙