npm
Sign UpSign In

@qnx/crypto
TypeScript icon, indicating that this package has built-in type declarations

0.6.16 • Public • Published

@qnx/crypto

@qnx/crypto provides utility functions to generate and decrypt JSON Web Signatures (JWS) and JSON Web Encryption (JWE) using the jose cryptography library for secure data transmission.

Installation

Use the package manager npm to install @qnx/crypto.

npm install @qnx/crypto

You can also use yarn & pnpm

yarn add @qnx/crypto
pnpm install @qnx/crypto

Peer-Dependencies

@qnx/crypto is using JOSE.

npm install jose

Usage

Core functions

  • jwtSign
  • jwtVerify
  • jweEncrypt
  • jweDecrypt

jwtSign: Signs and returns the JWT.

import { jwtSign, toSymmetricSecret } from '@qnx/crypto'

const dataVal = {
  foo: 'bar'
}
const jwt = await jwtSign({ data: dataVal }, toSymmetricSecret('SECRET_STRING'), {
  alg: 'HS256'
})

jwtVerify: Verifies the JWT format, signature, and claims set.

import { jwtVerify, toSymmetricSecret } from '@qnx/crypto'

const { payload } = await jwtVerify(jwt, toSymmetricSecret('SECRET_STRING'))

jweEncrypt: Encrypts a value of the JWE string.

import { jweEncrypt, toPKCS8Secret } from '@qnx/crypto'

const secret = await toPKCS8Secret(process.env['ENCRYPTION_SECRET_JWE'], 'ECDH-ES+A128KW')
const dataVal = 'this is message.'
const jwe = await jweEncrypt(dataVal, secret)

jweDecrypt: Decrypts a JWE.

import { jweDecrypt, toPKCS8Secret } from '@qnx/crypto'

const secret = await toPKCS8Secret(process.env['ENCRYPTION_SECRET_JWE'], 'ECDH-ES+A128KW')
const jwe = 'JWE_TOKEN'
const { plaintext } = await jweDecrypt(jwe, secret)

JWE Authentication Token

Setup

Ensure you have the necessary environment variables set:

ENCRYPTION_SECRET_JWT: The secret key used for JWT signing
ENCRYPTION_SECRET_JWE: The secret key used for JWT encryption

Generate Auth Token

generateAuthToken: Creates a JWE for authentication purposes.

import { generateAuthToken } from '@qnx/crypto'

const subject = 'userId'
const { token, dbToken } = await generateToken(subject)
// token: The encrypted JWT token
// dbToken: The unique identifier associated with the token

Decrypt Auth Token

decryptToken: Decrypts a JWE token and verifies its authenticity.

import { decryptAuthToken } from '@qnx/crypto'

const encryptedToken = '...' // Replace with the encrypted token
try {
  const decryptedPayload = await decryptToken(encryptedToken)
  // decryptedPayload: The decoded payload from the token
} catch (error) {
  // Handle decryption errors
  console.error('Token decryption failed:', error)
}

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. Please make sure to update tests as appropriate.

License

MIT License © 2023-PRESENT Yatendra Kushwaha

Readme

Keywords

none

Package Sidebar

Install

npm i @qnx/crypto

Repository

github.com/yatendra121/qnx

Homepage

github.com/yatendra121/qnx/tree/main/packages/crypto

Fund this package

Weekly Downloads

3

Version

0.6.16

License

MIT

Unpacked Size

14.4 kB

Total Files

6

Last publish

Collaborators

  • yatendra121kushwaha
Try on RunKit
Report malware