npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

ts-aes-ofb

v1.0.0

Published

TypeScript port of WjCryptLib's AES-OFB (NIST SP 800-38A §F.4). AES-128/192/256.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

scottmoore0scottmoore0

Keywords

aesaes-ofbofbstream-cipherfips197sp800-38atypescript

Readme

ts-aes-ofb

A direct TypeScript port of WjCryptLib's AES-OFB. AES-128/192/256 in OFB mode of operation.

If you find this project useful, you can support this and further ports at ko-fi.com/scottmoore0.

Upstream provenance

Direct port of WaterJuice/WjCryptLib (WjCryptLib_Aes.c core + WjCryptLib_AesOfb.c mode wrapper), Unlicense / public domain.

The translated output is validated against NIST SP 800-38A §F.4.1, §F.4.3, §F.4.5 test vectors covering all three AES key sizes.

Why this exists

AES-OFB (Output Feedback) turns the AES block cipher into a synchronous stream cipher by feeding the encryption output back as the next input. Encryption and decryption are the same XOR-with-keystream operation. Unlike CBC, OFB:

  • Does NOT require block-aligned input (arbitrary length).
  • Is malleable — bit-flips in ciphertext become bit-flips in plaintext.
  • Cannot recover from bit errors (no error propagation).

Common uses: legacy serial-link encryption, some satellite protocols, voice encryption, historic VPN profiles.

Install

npm install ts-aes-ofb

Usage

import { aesOfb, AesOfb } from 'ts-aes-ofb';

// One-shot — symmetric (same function encrypts and decrypts)
const key = new Uint8Array(16);  // 16, 24, or 32 bytes
const iv  = new Uint8Array(16);
const ct = aesOfb(key, iv, plaintext);
const pt = aesOfb(key, iv, ct);

// Streaming
const stream = new AesOfb(key, iv);
const part1 = stream.process(plaintext.slice(0, 17));   // any length
const part2 = stream.process(plaintext.slice(17));

API surface

  • aesOfb(key, iv, data): Uint8Array — one-shot (symmetric).
  • class AesOfb — streaming with .process(chunk) (chunks may be any length).
  • AES_BLOCK_SIZE = 16 — exported constant.

Reference vectors

The test suite asserts against:

| Spec | Key | Status | |---|---|---| | NIST SP 800-38A §F.4.1 | AES-128 | ✓ (4-block vector) | | NIST SP 800-38A §F.4.3 | AES-192 | ✓ | | NIST SP 800-38A §F.4.5 | AES-256 | ✓ |

Plus stream-cipher symmetry, non-block-aligned length support, and streaming-matches-one-shot.

Run:

npm test

Caveats

  • No authentication. OFB is malleable. For real-world use, pair with HMAC (encrypt-then-MAC) or use AEAD (AES-GCM, ChaCha20-Poly1305).
  • IV must NEVER be reused with the same key. OFB with reused IV reveals plaintext XOR difference of any two messages. Use a fresh random 16-byte IV per encryption.
  • Stream-cipher: bit-flips translate. Single-bit flip in ciphertext causes single-bit flip in plaintext at the same position. Authenticate the ciphertext.
  • Cannot parallelise. OFB's keystream generation is inherently sequential. For parallel encryption use CTR mode (but note: WjCryptLib's CTR uses a non-NIST counter convention).
  • Not constant-time. Direct reference translation; JS runtime adds further timing variability.

License

Unlicense / public domain. Original C by WaterJuice under Unlicense.

See also