Class: SalmonStream

SalmonStream(key, nonce, encryptionMode, baseStream, headerData, integrity, chunkSize, hashKey)

Stream decorator provides AES256 encryption and decryption of stream. Block data integrity is also supported.

Constructor

new SalmonStream(key, nonce, encryptionMode, baseStream, headerData, integrity, chunkSize, hashKey)

Instantiate a new Salmon stream with a base stream and optional header data and hash integrity. If you read from the stream it will decrypt the data from the baseStream. If you write to the stream it will encrypt the data from the baseStream. The transformation is based on AES CTR Mode. Notes: The initial value of the counter is a result of the concatenation of an 12 byte nonce and an additional 4 bytes counter. The counter is then: incremented every block, encrypted by the key, and xored with the plain text.
Parameters:
Name Type Default Description
key Uint8Array The AES key that is used to encrypt decrypt
nonce Uint8Array The nonce used for the initial counter
encryptionMode EncryptionMode Encryption mode Encrypt or Decrypt this cannot change later
baseStream RandomAccessStream The base Stream that will be used to read the data
headerData Uint8Array | null null The data to store in the header when encrypting.
integrity boolean false enable integrity
chunkSize number | null null the chunk size to be used with integrity
hashKey Uint8Array | null null Hash key to be used with integrity
Source:
See:
Throws:
  • IOException Thrown if there is an IO error.
  • SalmonSecurityException Thrown when error with security
  • IntegrityException Thrown if the data are corrupt or tampered with.

Classes

SalmonStream

Methods

(async) actualLength() → {Promise.<number>}

Provides the total length of the base stream including header and integrity data if available.
Source:
Returns:
The actual length of the base stream.
Type
Promise.<number>

(async) canRead() → {Promise.<boolean>}

If the stream is readable (only if EncryptionMode == Decrypted)
Source:
Returns:
True if mode is decryption.
Type
Promise.<boolean>

(async) canSeek() → {Promise.<boolean>}

If the stream is seekable (supported only if base stream is seekable).
Source:
Returns:
True if stream is seekable.
Type
Promise.<boolean>

(async) canWrite() → {Promise.<boolean>}

If the stream is writeable (only if EncryptionMode is Encrypt)
Source:
Returns:
True if mode is decryption.
Type
Promise.<boolean>

(async) close()

Closes the stream and all resources associated with it (including the base stream).
Source:
Throws:
IOException Thrown if there is an IO error.

(async) flush()

Flushes any buffered data to the base stream.
Source:

(async) getBlock() → {Promise.<number>}

Returns the current Block value
Source:
Returns:
The current block value.
Type
Promise.<number>

getBufferSize() → {number}

Get the internal buffer size.
Source:
Returns:
The buffer size.
Type
number

getChunkSize() → {number}

Returns the chunk size used to apply hash signature
Source:
Returns:
The chunk size
Type
number

(async) getCounter() → {Promise.<Uint8Array>}

Returns the current Counter value.
Source:
Returns:
The current Counter value.
Type
Promise.<Uint8Array>

getEncryptionMode() → {EncryptionMode}

Get the encryption mode.
Source:
Returns:
The encryption mode.
Type
EncryptionMode

getHashKey() → {Uint8Array}

Returns a copy of the hash key.
Source:
Returns:
A copy of the hash key
Type
Uint8Array

(async) getKey() → {Promise.<Uint8Array>}

Returns a copy of the encryption key.
Source:
Returns:
A copy of the key.
Type
Promise.<Uint8Array>

(async) getNonce() → {Promise.<Uint8Array>}

Returns a copy of the initial vector.
Source:
Returns:
A copy of the initial vector
Type
Promise.<Uint8Array>

(async) getPosition() → {Promise.<number>}

Provides the position of the stream relative to the data to be transformed.
Source:
Throws:
IOException Thrown if there is an IO error.
Returns:
The current position of the stream.
Type
Promise.<number>

getTransformer() → {ISalmonCTRTransformer}

Get the current transformer for this stream.
Source:
Returns:
Type
ISalmonCTRTransformer

hasIntegrity() → {boolean}

If the stream has integrity enabled
Source:
Returns:
Type
boolean

isAllowRangeWrite() → {boolean}

Get the allowed range write option. This can check if you can use random access write. This is generally not a good option since it prevents reusing the same nonce/counter.
Source:
Returns:
True if the stream allowed to seek and write.
Type
boolean

isIntegrityEnabled() → {boolean}

True if the stream has integrity enabled.
Source:
Returns:
If integrity is enabled for this stream.
Type
boolean

(async) length() → {Promise.<number>}

Provides the length of the actual transformed data (minus the header and integrity data).
Source:
Returns:
The length of the stream.
Type
Promise.<number>

(async) read(buffer, offset, count) → {Promise.<number>}

Decrypts the data from the baseStream and stores them in the buffer provided.
Parameters:
Name Type Description
buffer Uint8Array The buffer that the data will be stored after decryption
offset number The start position on the buffer that data will be written.
count number The requested count of the data bytes that should be decrypted
Source:
Returns:
The number of data bytes that were decrypted.
Type
Promise.<number>

(async) seek(offset, origin) → {Promise.<number>}

Seek to a specific position on the stream. This does not include the header and any hash Signatures.
Parameters:
Name Type Description
offset number The offset that seek will use
origin SeekOrigin.Begin If it is Begin the offset will be the absolute position from the start of the stream If it is Current the offset will be added to the current position of the stream If it is End the offset will be the absolute position starting from the end of the stream.
Source:
Returns:
The new position after seeking.
Type
Promise.<number>

setAllowRangeWrite(value)

Warning! Allow byte range encryption writes on a current stream. Overwriting is not a good idea because it will re-use the same IV. This is not recommended if you use the stream on storing files or generally data if prior version can be inspected by others. You should only use this setting for initial encryption with parallel streams and not for overwriting!
Parameters:
Name Type Description
value boolean True to allow byte range encryption write operations
Source:

setBufferSize(bufferSize)

Set the internal buffer size.
Parameters:
Name Type Description
bufferSize number The new buffer size.
Source:

setFailSilently(value)

Set to True if you want the stream to fail silently when integrity cannot be verified. In that case read() operations will return -1 instead of raising an exception. This prevents 3rd party code like media players from crashing.
Parameters:
Name Type Description
value boolean True to fail silently.
Source:

(async) setLength(value)

Set the length of the base stream. Currently unsupported.
Parameters:
Name Type Description
value number The new length.
Source:

(async) setPosition(value) → {Promise.<void>}

Sets the current position of the stream relative to the data to be transformed.
Parameters:
Name Type Description
value number The new position
Source:
Throws:
IOException Thrown if there is an IO error.
Returns:
Type
Promise.<void>

(async) write(buffer, offset, count)

Encrypts the data from the buffer and writes the result to the baseStream. If you are using integrity you will need to align all write operations to the chunk size otherwise align to the encryption block size.
Parameters:
Name Type Description
buffer Uint8Array The buffer that contains the data that will be encrypted
offset number The offset in the buffer that the bytes will be encrypted.
count number The length of the bytes that will be encrypted.
Source:

(async, static) getActualSize(data, key, nonce, mode, headerData, integrity, The, hashKey) → {Promise.<number>}

Get the output size of the data to be transformed(encrypted or decrypted) including header and hash without executing any operations. This can be used to prevent over-allocating memory where creating your output buffers.
Parameters:
Name Type Default Description
data Uint8Array The data to be transformed.
key Uint8Array The AES key.
nonce Uint8Array The nonce for the CTR.
mode EncryptionMode The EncryptionMode Encrypt or Decrypt.
headerData Uint8Array | null The header data to be embedded if you use Encryption.
integrity boolean false True if you want to enable integrity.
The number | null chunk size for integrity chunks.
hashKey Uint8Array | null The hash key to be used for integrity checks.
Source:
Throws:
  • SalmonSecurityException Thrown when error with security
  • IntegrityException Thrown if the data are corrupt or tampered with.
  • IOException Thrown if there is an IO error.
Returns:
The size of the output data.
Type
Promise.<number>

(static) getAesProviderType() → {ProviderType}

Get the global AES provider type. Supported types: ProviderType.
Source:
Returns:
The provider Type.
Type
ProviderType

(static) setAesProviderType(providerType)

Set the global AES provider type. Supported types: ProviderType.
Parameters:
Name Type Description
providerType ProviderType The provider Type.
Source: