npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

crypto-middleware

v1.2.4

Published

A browser middleware for handling client side encryption prior to uploading to the cloud

Downloads

36

Readme

Members

Functions

bufferSize

BufferSize, this is the size of the buffer that will be used to read the file in chunks and encrypt it in chunks This is a global variable that can be changed to suit the needs of the application. The default value is 5MB AWS Upload Parts minimum is 5MB, hence the default value is set to 5MB, but can be changed to any value from 64KB. It is important to keep the buffersize the same for both encryption and decryption.

Kind: global variable

readFileChunk(file) ⇒ ReadableStream

Reads a chunk of data from a file using the file's stream method. Used in conjunction with the XXX read and process files in chunks.

Kind: global function
Returns: ReadableStream - A readable stream from which chunks of data can be read.

| Param | Type | Description | | --- | --- | --- | | file | File | The file from which to read. |

Example

const file = new File(["foo"], "foo.txt", {
  type: "text/plain",
});
const stream = await readFileChunk(file);
const reader = stream.getReader();
const { value, done } = await reader.read();
console.log(value); // Logs the first chunk of data from the file.
This is the first part of the startStreaming pipeline 

encryptStream(passphrase) ⇒ TransformStream

Creates a TransformStream that encrypts input data in chunks using a derived key from a passphrase. Each chunk is encrypted separately with its own initialization vector (IV).

Kind: global function
Returns: TransformStream - A TransformStream that encrypts input data in chunks.

| Param | Type | Description | | --- | --- | --- | | passphrase | string | The passphrase from which to derive the encryption key. |

Example

const encryptedStream = encryptStream('my secure passphrase');
// Use the encryptedStream with a ReadableStream or WritableStream...

flush()

The FlushHandles any remaining data in the buffer when there is no more data to be consumed from the stream. If there is data left in the buffer, it generates a new initialization vector (IV), creates a subarray from the buffer containing the remaining data, and encrypts this data using the AES-GCM algorithm.

Kind: global function

generateIV() ⇒ Uint8Array

Generates an initialization vector (IV) for cryptographic operations. The IV is a random string of 16 bytes, generated using the crypto API.

Kind: global function
Returns: Uint8Array - A 16-byte typed array of unsigned integers, suitable for use as an IV.

handleIV(iv, encryptedFile) ⇒ Uint8Array

Prepends the initialization vector (IV) and the encryption algorithm used to the encrypted file. The IV is 16 bytes and the algorithm used ('AES-GCM') takes up the remaining bytes, making a total of 23 bytes.

Kind: global function
Returns: Uint8Array - A new Uint8Array containing the metadata (IV and algorithm) and the encrypted file data.

| Param | Type | Description | | --- | --- | --- | | iv | Uint8Array | The initialization vector used in the encryption. | | encryptedFile | ArrayBuffer | The encrypted file data. |

Example

const iv = crypto.getRandomValues(new Uint8Array(16));
const encryptedFile = await encryptFile(file, iv);
const fileWithMetadata = handleIV(iv, encryptedFile);

encryptFile(file, passphrase) ⇒ Promise.<Uint8Array>

Encrypts a file using a derived key from a passphrase. The encryption algorithm used is AES-GCM, and an initialization vector (IV) is generated for each encryption. Note: This function reads the whole file into memory at once, which may not be ideal for large files.

Kind: global function
Returns: Promise.<Uint8Array> - A promise that resolves with the encrypted file data as a Uint8Array.

| Param | Type | Description | | --- | --- | --- | | file | File | The file to be encrypted. | | passphrase | string | The passphrase from which to derive the encryption key. |

Example

const file = new File(["foo"], "foo.txt", {
  type: "text/plain",
});
const encryptedFileData = await encryptFile(file, 'my secure passphrase');
Not Recommened for large files over 50MB

decryptFile(file, passphrase) ⇒ Promise.<ArrayBuffer>

Decrypts a file using a derived key from a passphrase. The decryption algorithm used is AES-GCM, and the initialization vector (IV) used for encryption is required. Note: This function reads the whole file into memory at once, which may not be ideal for large files.

Kind: global function
Returns: Promise.<ArrayBuffer> - A promise that resolves with the decrypted file data as an ArrayBuffer.
Throws:

  • Will throw an error if the decryption fails.

| Param | Type | Description | | --- | --- | --- | | file | File | The file to be decrypted. | | passphrase | string | The passphrase from which to derive the decryption key. |

Example

const file = new File([encryptedData], "foo.txt", {
  type: "text/plain",
});
const

extractMeta(encryptedFile) ⇒ Object

Extracts the metadata (initialization vector and algorithm) from an encrypted file. The metadata is expected to be in the first 23 bytes of the file, with the IV in the first 16 bytes and the algorithm in the remaining bytes.

Kind: global function
Returns: Object - An object containing the initialization vector (as a Uint8Array) and the encrypted data (as a Uint8Array).

| Param | Type | Description | | --- | --- | --- | | encryptedFile | Uint8Array | The encrypted file data. |

Example

const { iv, encryptedData } = extractMeta(encryptedFileData);
23 bytes = 16 bytes IV + 7 bytes algorithm

decryptStream(privateKeyOrPassphrase) ⇒ TransformStream

Creates a TransformStream that decrypts data as it is read. The decryption algorithm used is AES-GCM, and the initialization vector (IV) and algorithm are extracted from each chunk. The data is held in a buffer to match the buffer length of the encrypted file, allowing the header IV and algorithm to be extracted from each chunk. The passphrase is used to authenticate each chunk. If any chunk fails authentication, the whole decryption will fail.

Kind: global function
Returns: TransformStream - A TransformStream that decrypts data as it is read.
Throws:

  • Will throw an error if the decryption fails.

| Param | Type | Description | | --- | --- | --- | | privateKeyOrPassphrase | string | File | The passphrase or private key to use for decryption. |

Example

const encryptedFile = new File([encryptedData], "foo.txt", {
  type: "text/plain",
});
const rs = encryptedFile.stream().pipeThrough(decryptStream('my secure passphrase'));

deriveKey(passPhrase) ⇒ Promise.<CryptoKey>

Derives a cryptographic key from a passphrase using the PBKDF2 algorithm. The derived key can be used for AES-GCM encryption and decryption. The PBKDF2 algorithm is used with a fixed salt and 100,000 iterations, and the SHA-256 hash function. Note: In a production environment, consider using a random salt and storing it securely for key derivation.

Kind: global function
Returns: Promise.<CryptoKey> - A promise that resolves with the derived key.

| Param | Type | Description | | --- | --- | --- | | passPhrase | string | The passphrase from which to derive the key. |

Example

const key = await deriveKey('my secure passphrase');

exportKeys(keyPair) ⇒ Promise.<Object>

Exports a key pair (private and public keys) in the JWK (JSON Web Key) format. This function can be used when you want to securely store the keys or transmit them over an insecure network.

Kind: global function
Returns: Promise.<Object> - A promise that resolves with an object containing the exported private and public keys. JWK are used to represent cryptographic keys in JSON format, Similar to PKCS#8 and X.509 formats, however, JWK provide human readability and are web friendly with standardized fields.

| Param | Type | Description | | --- | --- | --- | | keyPair | CryptoKeyPair | The key pair to be exported. This should be an object that has privateKey and publicKey properties. |

encryptPassPhraseWithPublicKey(publicKey, data) ⇒ Promise.<ArrayBuffer>

Encrypts a passphrase using the recipient's public key.

This function uses the RSA-OAEP (RSA Optimal Asymmetric Encryption Padding) algorithm for encryption. RSA-OAEP is a public-key encryption algorithm that combines the RSA algorithm with the OAEP method. RSA is a widely used public-key encryption algorithm that allows for secure data transmission or storage. OAEP is a padding scheme that enhances the security of RSA by preventing certain types of attacks.

Kind: global function
Returns: Promise.<ArrayBuffer> - A promise that resolves with the encrypted passphrase.

| Param | Type | Description | | --- | --- | --- | | publicKey | CryptoKey | Object | The recipient's public key. This can be a CryptoKey object or a JWK. | | data | string | The passphrase to be encrypted. |

Example

const publicKey = await getPublicKey(); // Your function to get the public key
const passphrase = "my secure passphrase";
const encryptedPassphrase = await encryptPassPhraseWithPublicKey(publicKey, passphrase);

decryptPassPhraseWithPrivateKey(privateKey, data) ⇒ Promise.<string>

Decrypts an encrypted passphrase using the recipient's private key.

This function uses the RSA-OAEP (RSA Optimal Asymmetric Encryption Padding) algorithm for decryption. RSA-OAEP is a public-key encryption algorithm that combines the RSA algorithm with the OAEP method. RSA is a widely used public-key encryption algorithm that allows for secure data transmission or storage. OAEP is a padding scheme that enhances the security of RSA by preventing certain types of attacks.

Kind: global function
Returns: Promise.<string> - A promise that resolves with the decrypted passphrase.

| Param | Type | Description | | --- | --- | --- | | privateKey | CryptoKey | Object | The recipient's private key. This can be a CryptoKey object or a JWK. | | data | ArrayBuffer | The encrypted passphrase to be decrypted. |

Example

const privateKey = await getPrivateKey(); // Your function to get the private key
const encryptedPassphrase = await getEncryptedPassphrase(); // Your function to get the encrypted passphrase
const decryptedPassphrase = await decryptPassPhraseWithPrivateKey(privateKey, encryptedPassphrase);

importPrivateKey(jwk) ⇒ Promise.<CryptoKey>

Imports a user's private key from a JWK (JSON Web Key) for decryption purposes.

This function uses the RSA-OAEP (RSA Optimal Asymmetric Encryption Padding) algorithm with SHA-256 hash function. The imported private key is not stored in memory or logged and is removed upon page refresh.

Kind: global function
Returns: Promise.<CryptoKey> - A promise that resolves with the imported private key as a CryptoKey object.

| Param | Type | Description | | --- | --- | --- | | jwk | string | The private key in JWK format as a string. This key is parsed into a JSON object before being imported. |

Example

const jwkString = '{"kty":"RSA",...}'; // Your JWK string
const privateKey = await importPrivateKey(jwkString);

importPublicKey(jwk) ⇒ Promise.<CryptoKey>

Imports a user's public key from a JWK (JSON Web Key) for encryption purposes.

This function uses the RSA-OAEP (RSA Optimal Asymmetric Encryption Padding) algorithm with SHA-256 hash function. The imported public key can be used to encrypt data that can only be decrypted with the corresponding private key.

Kind: global function
Returns: Promise.<CryptoKey> - A promise that resolves with the imported public key as a CryptoKey object.

| Param | Type | Description | | --- | --- | --- | | jwk | string | Object | The public key in JWK format. This can be a string or an object. If it's a string, it will be parsed into a JSON object. |

Example

const jwkString = '{"kty":"RSA",...}'; // Your JWK string
const publicKey = await importPublicKey(jwkString);

generateKeyPair() ⇒ Promise.<Object>

Generates a public and private key pair using the RSA-OAEP algorithm.

This function uses the RSA-OAEP (RSA Optimal Asymmetric Encryption Padding) algorithm with SHA-256 hash function. The generated key pair is then converted into the JWK (JSON Web Key) format by the exportKeys function.

Kind: global function
Returns: Promise.<Object> - A promise that resolves with the generated key pair in JWK format. The returned object has privateKey and publicKey properties.
Example

const jwks = await generateKeyPair();
console.log(jwks.privateKey); // Logs the private key in JWK format
console.log(jwks.publicKey); // Logs the public key in JWK format