npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

jsoncrypt-rsa

v1.2.0

Published

Encrypt and Decrypt Json Data Using RSA Algorithm

Downloads

663

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

raja786raja786

Keywords

nodersacryptoencryptiondecryptionjsoncryptographytypescriptjavascriptsecurityrest-api

Readme

JsonCrypt-RSA

npm version License: MIT Build Status

JsonCrypt-RSA is a open source library for Encrypting the JSON Payload that is supposed to be transmitted over HTTP (POST, PUT, DELETE) from Sender(Frontend) and Decrypt the Payload at Receiver(Backend) and retrieve the Information.

The Encryption and Decryption is based on RSA Algorithm i.e the Payload will be Encrypted using RSA Public Key at Sender and the Payload will be Decrypted using RSA Private Key at the Receiver.

The Encryption and Decryption Logic is implemented by using Node RSA

Workflow

To understand how this library works, lets take two Examples

Example 1

A JSON Payload you want to send via HTTP POST Request For SignUp a User

{
    "username": "raja786",
    "password": "Test5698"
}

Example 2

A JSON Payload you want to send via HTTP POST Request for Transaction

{
    "username": "raja786",
    "sessionId": "8796589ad89effaaed345",
    "accountNo": 25698751225221,
    "isDematAccount": false,
    "transactionAmount": 60000
}

Even though the network may be HTTPS/SSL so that outside attacker can't see the payload but sometimes you may want even the user shouldn't see the payload from the Network tab of Browser Dev Tools, or you don't have the SSL for your Web. So at that time JsonCrypt-RSA comes in.

After Encrypting using JsonCrypt-RSA with a RSA Public Key at Sender this two payload will look like below

{
    "U1/Qrx1CQWhyK+2QkTwsl/U5oi4/Yl5siWSHe9r9qLaQJ1f29tGj+7/Yvf+5Rf3sDdKu8PgcKX0IpANDIkBdIICNY8nDliuJiA5fVc49Y+h4uID9XtjxQJomR7fLmHH/Axe+/01TwxzTLjmYfmWNDHfCCmGsFFHBuUcrogRc4cmBkuObo2DZG1GmnfYrMET0VdnBAvIqKdJ1ED4+C3T2vqDxOYAJkxDXA3kFfZ0ddh/czCU+AWinN+azFNDtyzBrMIehUB8SfvKeJlotpmiJ26MIOnmghJ2jEhJ3RnYnjEfXF5X1SxC8AFQoLQMDe6pPW4hfXyJ0wpWi3nUqRoAwbw==": "RxeEl0VcwoOI8YizzLARvdWcdc2YAb4Xv3kUofTYEmk50/X2LrX050dAqfntDkAuajGLq+a3tLrrhsKRNPshMlssv+MAaG0qc80Xi6GOC26kFd6aRVfbXjs1sHaz2hKx5kB/KV2A1FNpHpNLdbaKKBeyxHZRHpUMzjIzb7oqrBYF0b89rLd3aF5dNgJ8GCS6OIYQiPvvxBl9I3Qzy2GnUGLGvC4LbfVT2mPPgGG1791UxNpw4R5naASyXYTD0OTlYrDtFhS/hLwO7Q0l67y7dmzN78nuBkMgmhKUF6/TAuXGtKu+2fCa/qGTW/gpR67EkcrXVRGYBhFweeQxOJDDgw=="
}

And this will be transmitted over HTTP, which will be Decrypted at Receiver using JsonCrypt-RSA or its equivalent with a RSA Private Key

No Matter the Size or Depth of the JSON Payload, The Encrypted Payload will always have Exactly One Key and Exactly One Value

Installing

npm install jsoncrypt-rsa

Requires nodejs >= 8.11.1

Usage

JavaScript

How to use JsonCrypt-RSA at Sender to Encrypt the JSON Payload

// ***Encryption of JSON Payload***
// Create new Instance Object of JsonCrypt
// Load RSA PublicKey from File
// Set RSA PublicKey in JsonCrypt Instance **Important**
// Get/Create your input Object
// Apply EncryptJson on inputObj and get cryptObject
// Transmit this cryptObject over HTTP
const { JsonCrypt } = require('jsoncrypt-rsa');
const fs = require('fs');

const crypt = new JsonCrypt();
const publicKeyString = fs.readFileSync('./keys/public.pem', 'utf-8');
crypt.SetRsaPublicKey(publicKeyString); 
const inputObj = {
  username: "raja786",
  sessionId: "8796589ad89effaaed345",
  accountNo: 25698751225221,
  isDematAccount: false,
  transactionAmount: 60000,
};

const cryptObject = crypt.EncryptJson(inputObj);
console.log(cryptObject);

How to use JsonCrypt-RSA at Receiver to Decrypt the Encrypted JSON Payload

// ***Decryption of a Encrypted JSON Payload***
// Create new Instance Object of JsonCrypt
// Load RSA PrivateKey from File
// Set RSA PrivateKey in JsonCrypt Instance **Important**
// Get your Encrypted Object cryptObject i.e body of Request Received
// Apply DecryptJson on cryptObject and get DecryptedObject
// Use this DecryptedObject for your furthur use

const { JsonCrypt } = require('jsoncrypt-rsa');
const fs = require('fs');

const deCrypt = new JsonCrypt();
const privateKeyString = fs.readFileSync('./keys/private.pem', 'utf-8');
deCrypt.SetRsaPrivateKey(privateKeyString); 
const cryptObject = /*Your Encrypted JSON Received From Body of HTTP Request*/;

const DecryptedObject = deCrypt.DecryptJson(cryptObject)
console.log(DecryptedObject);

TypeScript

For TypeScript the import statement will be

import { JsonCrypt } from 'jsoncrypt-rsa';

The Encryption Code Logic will be same as JavaScript.

For Decryption Function You can Put an ReturnObject type as Follows

const DecryptedObject = deCrypt.DecryptJson(cryptObject)
// or
const DecryptedObject = deCrypt.DecryptJson<T>(cryptObject)
// Where T is the object Type Default Value object

Properties

SetRsaPublicKey : (key: string) => void

Sets the RSA Public Key of the JsonCrypt instance.

SetRsaPrivateKey: (key: string) => void

Sets the RSA Private Key of the JsonCrypt instance.

EncryptJson: (JsonObject: object) => object

Encrypt a Object using RSA Public Key

Important: Please Set Rsa Public Key using SetRsaPublicKey(key) before invoking EncryptJson(JsonObject)

DecryptJson: <T = object>(JsonObject: object) => T

Decrypt an Encrypted object using RSA Private Key. Default Return type is object

Important: Please Set Rsa Private Key using SetRsaPrivateKey(key) before invoking DecryptJson(JsonObject)

Contributing

Questions, comments, bug reports, and pull requests are all welcome.

License

Copyright (c) 2020 Rajdeep Biswas

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Licensing for Code Used from node-rsa

Copyright (c) 2014 rzcoder

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.