@seckav/security-sdk
Version:
SecKav Security SDK - Enterprise-grade security platform with AI-powered threat detection, LLM-powered misconfiguration scanning (Gemini/GPT-4/Claude), end-to-end encryption, behavioral analysis, enhanced file scanning, adaptive rate limiting, GDPR/DPDP/C
343 lines • 12.2 kB
JavaScript
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.EncryptionModule = void 0;
const axios_1 = __importDefault(require("axios"));
class EncryptionModule {
constructor(config) {
this.config = config;
}
/**
* Get encryption status for organization
*/
async getEncryptionStatus(token) {
try {
const response = await axios_1.default.get(`${this.config.apiUrl}/api/v1/encryption/status`, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 5000,
});
return {
success: true,
data: response.data.status,
message: 'Encryption status retrieved successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to get encryption status',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Get encryption configuration for organization
*/
async getEncryptionConfiguration(token) {
try {
const response = await axios_1.default.get(`${this.config.apiUrl}/api/v1/encryption/configuration`, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 5000,
});
return {
success: true,
data: response.data.configuration,
message: 'Encryption configuration retrieved successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to get encryption configuration',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Update encryption configuration
*/
async updateEncryptionConfiguration(token, config) {
try {
const response = await axios_1.default.put(`${this.config.apiUrl}/api/v1/encryption/configuration`, config, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 10000,
});
return {
success: true,
data: response.data.configuration,
message: 'Encryption configuration updated successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to update encryption configuration',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Manually rotate encryption key
*/
async rotateEncryptionKey(token, reason = 'manual') {
try {
const response = await axios_1.default.post(`${this.config.apiUrl}/api/v1/encryption/keys/rotate`, { reason }, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 10000,
});
return {
success: true,
newKeyId: response.data.newKeyId,
algorithm: response.data.algorithm,
expiresAt: response.data.expiresAt,
reason: response.data.reason,
message: 'Encryption key rotated successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to rotate encryption key',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Get key rotation history
*/
async getKeyRotationHistory(token, page = 1, limit = 20) {
try {
const response = await axios_1.default.get(`${this.config.apiUrl}/api/v1/encryption/keys/history`, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
params: { page, limit },
timeout: this.config.timeout || 5000,
});
return {
success: true,
data: {
rotationHistory: response.data.rotationHistory,
keyHistory: response.data.keyHistory,
pagination: response.data.pagination,
},
message: 'Key rotation history retrieved successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to get key rotation history',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Revoke specific encryption key
*/
async revokeEncryptionKey(token, keyId, reason) {
try {
const response = await axios_1.default.post(`${this.config.apiUrl}/api/v1/encryption/keys/${keyId}/revoke`, { reason }, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 10000,
});
return {
success: true,
data: {
keyId: response.data.keyId,
reason: response.data.reason,
revokedAt: response.data.revokedAt,
},
message: 'Encryption key revoked successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to revoke encryption key',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Test encryption/decryption functionality
*/
async testEncryption(token, data, algorithm) {
try {
const response = await axios_1.default.post(`${this.config.apiUrl}/api/v1/encryption/test`, { data, algorithm }, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 15000,
});
return {
success: true,
test: response.data.test,
message: 'Encryption test completed successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to test encryption',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Generate SSL certificate
*/
async generateCertificate(token, domain, type = 'self-signed') {
try {
const response = await axios_1.default.post(`${this.config.apiUrl}/api/v1/encryption/certificates/generate`, { domain, type }, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 15000,
});
return {
success: true,
data: response.data.certificate,
message: 'SSL certificate generated successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to generate certificate',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Get certificate status
*/
async getCertificateStatus(token) {
try {
const response = await axios_1.default.get(`${this.config.apiUrl}/api/v1/encryption/certificates/status`, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
},
timeout: this.config.timeout || 5000,
});
return {
success: true,
data: {
certificates: response.data.certificates,
tlsStatus: response.data.tlsStatus,
},
message: 'Certificate status retrieved successfully',
};
}
catch (error) {
if (this.config.onError) {
this.config.onError(error);
}
return {
success: false,
error: error.response?.data?.error || 'Failed to get certificate status',
message: error.response?.data?.message || 'An error occurred',
};
}
}
/**
* Enable encryption for organization
*/
async enableEncryption(token, config) {
const defaultConfig = {
enabled: true,
algorithm: 'aes-256-gcm',
keyRotationInterval: 24,
encryptSensitiveRoutes: true,
encryptAllData: false,
...config
};
return this.updateEncryptionConfiguration(token, defaultConfig);
}
/**
* Disable encryption for organization
*/
async disableEncryption(token) {
return this.updateEncryptionConfiguration(token, { enabled: false });
}
/**
* Create encrypted HTTP client that automatically handles encryption headers
*/
createEncryptedClient(token) {
return axios_1.default.create({
baseURL: this.config.apiUrl,
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json',
'X-Encryption-Supported': 'true', // Signal that client supports encryption
},
timeout: this.config.timeout || 10000,
});
}
/**
* Get module information
*/
getInfo() {
return {
name: 'Encryption',
version: '1.0.0',
description: 'End-to-end encryption, key management, and TLS enforcement',
features: [
'AES-256-GCM encryption',
'Automatic key rotation',
'TLS enforcement',
'Certificate management',
'Selective route encryption',
'Performance monitoring'
],
apiUrl: this.config.apiUrl,
};
}
}
exports.EncryptionModule = EncryptionModule;
//# sourceMappingURL=EncryptionModule.js.map