npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@endeavour/end-to-end-encryption-client

v1.0.0

Published

Client-side implementation for end-to-end encryption

Downloads

2

Readme

End-to-end encryption client

Simple wrapper for the Web Crypto API to encrypt and decrypt text.

It can create a derived key (256 bits AES-GCM) from a public and private key, using an Elliptic Curve Diffie-Hellman key exchange. This key can then be used to encrypt and decrypt text.

It does not contain any logic to generate the public and private keys. Typically, you would want to do that in your backend and send the public key to the client. See the key generation example for a simple example using PHP.

Use cases

One-to-one communication

  • Key exchange
    • Generate a public and private key pair on the server for both participants
      • If generated server-side; send each participant their own private key
    • Send the public key of participant A to participant B and vice versa
    • Participant A generates a derived key from his private key and the public key of participant B
    • Participant B generates a derived key from his private key and the public key of participant A
  • Message exchange
    • Participant A encrypts a message with the derived key and sends it to participant B
    • Participant B decrypts the message with the derived key
    • Participant B encrypts a message with the derived key and sends it to participant A
    • Participant A decrypts the message with the derived key
  • Done!

Group communication

  • Key exchange
    • Generate a public and private key pair on the server for each participant
      • If generated server-side; send each participant their own public and private key
    • Generate a public and private key pair on the server for the group
    • Send each participant the group's public and private key
      • Recommended: Encrypt the private key for the group with the public key of each participant before sending it to them. They'll need to decrypt it with their private key before they can use it.
    • Each participant generates a derived key from the group's public and private key
  • Message exchange
    • Each participant encrypts a message with the derived key and sends it to the backend, to be received by all other participants
    • Each participant decrypts the message with the derived key
  • Done!

Installation

  • Run npm i @endeavour/end-to-end-encryption-client
  • Import the modules in your code:
import { CryptoKeyService, EndToEndEncryptionClient } from '@endeavour/end-to-end-encryption-client'

Documentation

CryptoKeyService

  • A service for key management
  • Sample usage:
const cryptoKeyService = new CryptoKeyService()

CryptoKeyService.importPemEncodedPrivateKey(privateKeyData: string): Promise<CryptoKey>

  • Imports a PEM encoded private key
  • Returns a promise that resolves to a CryptoKey
  • Sample usage:
const myPrivateKeyData = `-----BEGIN PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END PRIVATE KEY-----`
const myPrivateKey = await cryptoKeyService.importPemEncodedPrivateKey(myPrivateKeyData)

CryptoKeyService.importPemEncodedPublicKey(publicKeyData: string): Promise<CryptoKey>

  • Imports a PEM encoded public key
  • Returns a promise that resolves to a CryptoKey
  • Sample usage:
const myPublicKeyData = `-----BEGIN PUBLIC KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END PUBLIC KEY-----`
const myPublicKey = await cryptoKeyService.importPemEncodedPublicKey(myPublicKeyData)

CryptoKeyService.deriveKey(publicKey: CryptoKey, privateKey: CryptoKey): Promise<CryptoKey>

  • Creates a derived key from a public and private key
  • Sample usage:
const myEncryptionKey = await cryptoKeyService.deriveKey(myPublicKey, myPrivateKey)

EndToEndEncryptionClient

Used to encrypt and decrypt text

EndToEndEncryptionClient.encrypt(plaintextMessage: string, key: CryptoKey): Promise<string>

  • Encrypts a message with a key
  • Returns a promise that resolves to a base64 encoded string
  • Sample usage:
const encryptedMessage = await endToEndEncryptionClient.encrypt(myEncryptionKey, 'Hello world!')

EndToEndEncryptionClient.decrypt(encryptedMessage: string, key: CryptoKey): Promise<string>

  • Decrypts an encrypted message with a key
  • Returns a promise that resolves to a string
  • Sample usage:
const decryptedMessage = await endToEndEncryptionClient.decrypt(myEncryptionKey, encryptedMessage)

Examples