e2ee-adapter
Version:
Plug-and-play End-to-End Encryption middleware for Express.js and NestJS using hybrid AES-CBC + RSA encryption with secure key exchange
63 lines • 2.03 kB
TypeScript
import { KeyPair } from '../types';
export interface E2EEClientConfig {
/** Multiple server keys for multi-domain support */
serverKeys: {
[keyId: string]: string;
};
/** Key ID for versioning */
keyId?: string;
}
export interface E2EEClientRequest {
url: string;
method: string;
data?: any;
headers?: Record<string, string>;
keyId: string;
}
export interface E2EEClientResponse {
data: any;
headers: Record<string, string>;
status: number;
statusText: string;
}
export declare class E2EEClient {
private readonly serverKeys;
constructor(config: E2EEClientConfig);
/**
* Get server public key for a specific keyId
*/
private getServerPublicKey;
/**
* Encrypt request data using hybrid encryption (AES-CBC + RSA)
* @param data - Data to encrypt
* @param keyId - Key ID to use for encryption
* @returns Promise<{ encryptedData: string, encryptedKey: string, iv: string, originalAesKey: Buffer, originalIv: Buffer }>
*/
encryptRequest(data: any, keyId: string): Promise<{
encryptedData: string;
encryptedKey: string;
iv: string;
originalAesKey: Buffer;
originalIv: Buffer;
}>;
/**
* Decrypt response data using AES-CBC
* @param encryptedData - Encrypted data (base64)
* @param aesKey - AES key (Buffer)
* @param iv - Initialization vector (Buffer)
* @returns Promise<any>
*/
decryptResponse(encryptedData: string, aesKey: Buffer, iv: Buffer): Promise<any>;
/**
* Make an encrypted HTTP request
* @param requestConfig - Request configuration
* @returns Promise<E2EEClientResponse>
*/
request(requestConfig: E2EEClientRequest): Promise<E2EEClientResponse>;
/**
* Generate a new key pair (for testing purposes only)
* Note: In production, clients don't generate their own keys
*/
static generateKeyPair(keySize?: number): Promise<KeyPair>;
}
//# sourceMappingURL=e2ee-client.d.ts.map