UNPKG

ephy-rsa

Version:

A hybrid RSA + AES encryption service using jose for large data encryption on the browser.

github.com/aman-eth/ephy-rsa

aman-eth/ephy-rsa

100 lines (99 loc) 4.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); const jose = require("jose"); class RSAKeyService { constructor(algorithm) { this.privateKey = null; this.publicKey = null; this.initialized = false; this.algorithm = { name: "RSA-OAEP", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256", }; this.algorithm = algorithm; } static getInstance() { return __awaiter(this, arguments, void 0, function* (algorithm = { name: "RSA-OAEP", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256", }) { if (!RSAKeyService.instance) { RSAKeyService.instance = new RSAKeyService(algorithm); yield RSAKeyService.instance.generateKeys(); } return RSAKeyService.instance; }); } generateKeys() { return __awaiter(this, void 0, void 0, function* () { if (this.initialized) return; const keyPair = yield crypto.subtle.generateKey(this.algorithm, true, [ "encrypt", "decrypt", ]); this.privateKey = keyPair.privateKey; const exportedPublicKey = yield crypto.subtle.exportKey("spki", keyPair.publicKey); this.publicKey = btoa(String.fromCharCode(...new Uint8Array(exportedPublicKey))); this.initialized = true; }); } getPublicKey() { return this.publicKey; } encryptWithServerPublicKey(data_1, jwkPublicKey_1) { return __awaiter(this, arguments, void 0, function* (data, jwkPublicKey, // Accepts both JWK and PEM/Base64 alg = "RSA-OAEP-256", enc = "A256GCM") { try { const encodedData = new TextEncoder().encode(data); let publicKey; if (typeof jwkPublicKey === "string") { // Assume PEM or Base64 format const pemPublicKey = `-----BEGIN PUBLIC KEY-----\n${jwkPublicKey}\n-----END PUBLIC KEY-----`; publicKey = yield jose.importSPKI(pemPublicKey, alg); } else { publicKey = yield jose.importJWK(Object.assign({}, jwkPublicKey), alg); } return yield new jose.CompactEncrypt(encodedData) .setProtectedHeader({ alg, enc }) .encrypt(publicKey); } catch (error) { throw new Error(`Encryption failed: ${error}`); } }); } decryptWithPrivateKey(encryptedData) { return __awaiter(this, void 0, void 0, function* () { try { if (!this.privateKey) throw new Error("Private key is not available!"); const pkcs8 = yield crypto.subtle.exportKey("pkcs8", this.privateKey); // Replace Buffer usage with browser-compatible base64 conversion const base64Key = btoa(String.fromCharCode(...new Uint8Array(pkcs8))); const pkcs8Pem = `-----BEGIN PRIVATE KEY-----\n${base64Key}\n-----END PRIVATE KEY-----`; const josePrivateKey = yield jose.importPKCS8(pkcs8Pem, this.algorithm.name); const { plaintext } = yield jose.compactDecrypt(encryptedData, josePrivateKey); return new TextDecoder().decode(plaintext); } catch (error) { throw new Error(`Decryption failed: ${error}`); } }); } } exports.default = (algorithm) => __awaiter(void 0, void 0, void 0, function* () { return yield RSAKeyService.getInstance(algorithm); });