Encryption

The SAuthBase SDK provides functions for HMAC, AES-GCM encryption, and decryption.
These features can be used to securely handle data such as session IDs and account information.

HMAC Calculation

This can be used for tamper detection or verifying token generation.

const result = sab.calculateHmac("example");
console.log(result.data); // Hexadecimal hash

Encrypting Data

You can encrypt data using AES-256-GCM.

const encrypted = sab.encrypt("username|hmac");
console.log(encrypted.data); // Format: iv:encrypted:authTag

• Returns encrypted data as a string if successful.
• Use together with decryption for secure communication.

Decrypting Data

Decrypt encrypted strings and restore the original data.

const decrypted = sab.decrypt(encrypted.data);
console.log(decrypted.data); // Original username|hmac

• Fails if the encrypted format is invalid.
• Useful for verifying authentication token contents.

Example: Generate Encrypted Token from Username

Using generateEncryptedToken(), you can encrypt a username with its HMAC.

const token = await sab.generateEncryptedToken("exampleUser");
console.log(token.data); // Secure token that can be decrypted and verified

Example: Extract Session ID and Username from Token

const sessionId = await sab.extractUserWithVerify(token.data);
const username = sab.extractUserUnsafe(token.data);

• extractUserWithVerify() also performs HMAC validation.
• extractUserUnsafe() extracts only the username (no verification).

You have now completed the basics of encryption.