npm - @pulkitsinha007/hybrid-crypto-js - Versions diffs - 1.4.2 → 1.5.0 - Mend

@pulkitsinha007/hybrid-crypto-js 1.4.2 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +1 -1
package/package.json +1 -1
package/src/crypto.js +1 -1
package/src/index.d.ts +2 -2
package/examples/full-stack/backend/server.js +0 -133
package/examples/full-stack/frontend/client.js +0 -92
package/examples/full-stack/frontend/index.html +0 -39
package/test/asymmetric.test.js +0 -43
package/test/new_flow.test.js +0 -60

package/README.md CHANGED Viewed

@@ -117,7 +117,7 @@ const data = await decryptAsymmetric(encryptedData, privateKey);
 ```
 ### `getCustomSymmetricKey(inputKey)`
-Provides a Crypto Key by taking custom a base string key as the input.
+Provides a Crypto Key by taking a custom base string as the input.
 - **Parameter**:
   - `inputKey`: `string` - Base key string supposed to be used for encoding.
   - `options`: `Object` - Optional Configuration.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@pulkitsinha007/hybrid-crypto-js",
-  "version": "1.4.2",
+  "version": "1.5.0",
   "description": "Hybrid encryption package using native crypto modules for Node and Browser",
   "type": "module",
   "main": "src/index.js",

package/src/crypto.js CHANGED Viewed

@@ -246,7 +246,7 @@ export async function decryptAsymmetric(encryptedData, privateKey) {
 }
 /**
- * Provides a Crypto Key by taking custom a base string key as the input
+ * Provides a Crypto Key by taking a custom base string as the input
  * @param {string} inputKey - Base key string supposed to be used for encoding
  * @param {Object} [options] - Optional configuration.
  * @param {boolean} [options.extractable=false] - Whether the key can be exported.

package/src/index.d.ts CHANGED Viewed

@@ -110,10 +110,10 @@ export function encryptAsymmetric(data: string | object, publicKey: string): Pro
 export function decryptAsymmetric<T = any>(encryptedData: string, privateKey: string): Promise<T>;
 /**
- * Provides a Crypto Key by taking custom a base string key as the input
+ * Provides a Crypto Key by taking a custom base string as the input
  * @param {string} inputKey - Base key string supposed to be used for encoding
  * @param {Object} [options] - Optional configuration.
  * @param {boolean} [options.extractable=false] - Whether the key can be exported.
  * @returns {Promise<CryptoKey>} The extractable AES encrypted Crypto Key
  */
-export async function getCustomSymmetricKey(inputKey: string, options?: {extractable?: boolean}): Promise<CryptoKey>;
+export function getCustomSymmetricKey(inputKey: string, options?: {extractable?: boolean}): Promise<CryptoKey>;

package/examples/full-stack/backend/server.js DELETED Viewed

@@ -1,133 +0,0 @@
-import http from 'http';
-import fs from 'fs';
-import path from 'path';
-import { fileURLToPath } from 'url';
-import {
-    generateKeyPair,
-    unwrapKey,
-    decryptWithSymmetricKey,
-    encryptWithSymmetricKey
-} from '../../../src/index.js';
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-const PORT = 3000;
-// Store keys in memory
-let publicKey;
-let privateKey;
-// Initialize keys
-(async () => {
-    try {
-        console.log('Generating server keys...');
-        const keys = await generateKeyPair();
-        publicKey = keys.publicKey;
-        privateKey = keys.privateKey;
-        console.log('Server keys generated.');
-    } catch (err) {
-        console.error('Failed to generate keys:', err);
-        process.exit(1);
-    }
-})();
-const server = http.createServer(async (req, res) => {
-    // CORS headers for development convenience
-    res.setHeader('Access-Control-Allow-Origin', '*');
-    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
-    res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
-    if (req.method === 'OPTIONS') {
-        res.writeHead(200);
-        res.end();
-        return;
-    }
-    const url = new URL(req.url, `http://${req.headers.host}`);
-    // API Endpoints
-    if (url.pathname === '/api/public-key' && req.method === 'GET') {
-        res.writeHead(200, { 'Content-Type': 'application/json' });
-        res.end(JSON.stringify({ publicKey }));
-        return;
-    }
-    if (url.pathname === '/api/submit' && req.method === 'POST') {
-        let body = '';
-        req.on('data', chunk => body += chunk);
-        req.on('end', async () => {
-            try {
-                const { wrappedKey, encryptedPackage } = JSON.parse(body);
-                // 1. Unwrap the symmetric key
-                const sessionKey = await unwrapKey(wrappedKey, privateKey);
-                // 2. Decrypt the payload using the session key
-                const decrypted = await decryptWithSymmetricKey(encryptedPackage, sessionKey);
-                console.log('Decrypted message from client:', decrypted);
-                // 3. Prepare a response
-                const responsePayload = {
-                    status: 'success',
-                    receivedMessage: decrypted,
-                    serverTimestamp: Date.now(),
-                    secret: "This is a secret response encrypted with your session key!"
-                };
-                // 4. Encrypt the response with the SAME session key
-                const responsePackage = await encryptWithSymmetricKey(responsePayload, sessionKey);
-                res.writeHead(200, { 'Content-Type': 'application/json' });
-                res.end(JSON.stringify({ encryptedResponse: responsePackage }));
-            } catch (err) {
-                console.error('Processing failed:', err);
-                res.writeHead(500, { 'Content-Type': 'application/json' });
-                res.end(JSON.stringify({ error: 'Processing failed' }));
-            }
-        });
-        return;
-    }
-    // Static File Serving
-    let filePath;
-    if (url.pathname === '/') {
-        filePath = path.join(__dirname, '../frontend/index.html');
-    } else if (url.pathname === '/client.js') {
-        filePath = path.join(__dirname, '../frontend/client.js');
-    } else if (url.pathname.startsWith('/src/')) {
-        // Map /src/xxx to ../../../src/xxx
-        const relativePath = url.pathname.replace('/src/', '');
-        filePath = path.join(__dirname, '../../../src', relativePath);
-    } else {
-        res.writeHead(404);
-        res.end('Not Found');
-        return;
-    }
-    const ext = path.extname(filePath);
-    let contentType = 'text/html';
-    if (ext === '.js') contentType = 'application/javascript';
-    fs.readFile(filePath, (err, content) => {
-        if (err) {
-            if (err.code === 'ENOENT') {
-                console.log('404 Not Found:', filePath);
-                res.writeHead(404);
-                res.end('Not Found');
-            } else {
-                console.error('500 Server Error:', err);
-                res.writeHead(500);
-                res.end('Server Error');
-            }
-        } else {
-            res.writeHead(200, { 'Content-Type': contentType });
-            res.end(content);
-        }
-    });
-});
-server.listen(PORT, () => {
-    console.log(`Server running at http://localhost:${PORT}/`);
-});

package/examples/full-stack/frontend/client.js DELETED Viewed

@@ -1,92 +0,0 @@
-import {
-    createSymmetricKey,
-    wrapKey,
-    encryptWithSymmetricKey,
-    decryptWithSymmetricKey
-} from '/src/index.js';
-let serverPublicKey;
-const statusMain = document.getElementById('status-main');
-async function init() {
-    try {
-        // 1. Fetch Server Public Key (Client doesn't need its own RSA key pair anymore)
-        const res = await fetch('/api/public-key');
-        const data = await res.json();
-        serverPublicKey = data.publicKey;
-        console.log('Server public key fetched.');
-        statusMain.textContent = 'Ready. Server Public Key initialized.';
-        statusMain.style.color = 'green';
-    } catch (err) {
-        console.error(err);
-        statusMain.textContent = 'Error initializing keys. Check console.';
-        statusMain.style.color = 'red';
-    }
-}
-document.getElementById('btn-send').addEventListener('click', async () => {
-    const input = document.getElementById('input-message').value;
-    const resultDiv = document.getElementById('result-send');
-    if (!input) {
-        alert('Please enter a message');
-        return;
-    }
-    try {
-        resultDiv.innerHTML = 'Generating Session Key & Encrypting...';
-        // 1. Generate a fresh AES Session Key
-        const sessionKey = await createSymmetricKey();
-        // 2. Wrap the session key with Server's Public Key
-        const wrappedKey = await wrapKey(sessionKey, serverPublicKey);
-        // 3. Encrypt the payload with the Session Key
-        const encryptedPackage = await encryptWithSymmetricKey(input, sessionKey);
-        resultDiv.innerHTML += '<br>Sending wrapped key & encrypted package...';
-        const res = await fetch('/api/submit', {
-            method: 'POST',
-            body: JSON.stringify({
-                wrappedKey,
-                encryptedPackage
-            })
-        });
-        const data = await res.json();
-        if (data.error) {
-            throw new Error(data.error);
-        }
-        const { encryptedResponse } = data;
-        resultDiv.innerHTML += '<br>Received encrypted response. Decrypting with Session Key...';
-        // 4. Decrypt the response with the SAME Session Key
-        const decryptedResponse = await decryptWithSymmetricKey(encryptedResponse, sessionKey);
-        resultDiv.innerHTML = `
-            <strong>Status:</strong> Success<br>
-            <strong>Server Response Decrypted:</strong> <pre>${JSON.stringify(decryptedResponse, null, 2)}</pre>
-        `;
-    } catch (err) {
-        console.error(err);
-        resultDiv.textContent = 'Error during session: ' + err.message;
-    }
-});
-// Disable the old "Get Secret" button as it's not part of the new flow
-const btnGet = document.getElementById('btn-get');
-if (btnGet) {
-    btnGet.disabled = true;
-    btnGet.textContent = "Deprecated (See Session Flow above)";
-    const resultGet = document.getElementById('result-get');
-    if (resultGet) resultGet.textContent = "This feature is replaced by the bidirectional session flow above.";
-}
-init();

package/examples/full-stack/frontend/index.html DELETED Viewed

@@ -1,39 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Hybrid Crypto Full Stack Example</title>
-    <style>
-        body { font-family: sans-serif; max-width: 800px; margin: 0 auto; padding: 20px; }
-        section { border: 1px solid #ccc; padding: 20px; margin-bottom: 20px; border-radius: 8px; }
-        textarea { width: 100%; height: 60px; }
-        button { padding: 10px 20px; cursor: pointer; }
-        pre { background: #f4f4f4; padding: 10px; overflow-x: auto; }
-        .status { margin-top: 10px; font-weight: bold; }
-    </style>
-</head>
-<body>
-    <h1>Hybrid Crypto Full Stack Example</h1>
-    <div id="status-main" class="status">Initializing Keys...</div>
-    <section>
-        <h2>1. Client -> Server (Secure Submit)</h2>
-        <p>Encrypt a message with the Server's Public Key. Only the server can decrypt it.</p>
-        <textarea id="input-message" placeholder="Type a secret message..."></textarea>
-        <br><br>
-        <button id="btn-send">Encrypt & Send</button>
-        <div id="result-send"></div>
-    </section>
-    <section>
-        <h2>2. Server -> Client (Secure Retrieve)</h2>
-        <p>Request a secret message from the server. The server will encrypt it with your Client Public Key.</p>
-        <button id="btn-get">Get Secret Message</button>
-        <div id="result-get"></div>
-    </section>
-    <script type="module" src="./client.js"></script>
-</body>
-</html>

package/test/asymmetric.test.js DELETED Viewed

@@ -1,43 +0,0 @@
-import { test, describe, it } from 'node:test';
-import assert from 'node:assert';
-import {
-  generateKeyPair,
-  encryptAsymmetric,
-  decryptAsymmetric
-} from '../src/index.js';
-describe('Asymmetric Encryption (RSA-OAEP)', () => {
-  it('should encrypt and decrypt a plain string', async () => {
-    const { publicKey, privateKey } = await generateKeyPair();
-    const originalData = "Hello, Asymmetric World!";
-    const encryptedData = await encryptAsymmetric(originalData, publicKey);
-    assert.notStrictEqual(encryptedData, originalData);
-    const decryptedData = await decryptAsymmetric(encryptedData, privateKey);
-    assert.strictEqual(decryptedData, originalData);
-  });
-  it('should encrypt and decrypt a JSON object', async () => {
-    const { publicKey, privateKey } = await generateKeyPair();
-    const originalData = { foo: "bar", baz: 123 };
-    const encryptedData = await encryptAsymmetric(originalData, publicKey);
-    const decryptedData = await decryptAsymmetric(encryptedData, privateKey);
-    assert.deepStrictEqual(decryptedData, originalData);
-  });
-  it('should fail to decrypt with the wrong private key', async () => {
-    const keys1 = await generateKeyPair();
-    const keys2 = await generateKeyPair();
-    const originalData = "Secret message";
-    const encryptedData = await encryptAsymmetric(originalData, keys1.publicKey);
-    await assert.rejects(
-      () => decryptAsymmetric(encryptedData, keys2.privateKey),
-      /OperationError|DataError/
-    );
-  });
-});

package/test/new_flow.test.js DELETED Viewed

@@ -1,60 +0,0 @@
-import { test, describe, it, before } from 'node:test';
-import assert from 'node:assert';
-import {
-  generateKeyPair,
-  createSymmetricKey,
-  wrapKey,
-  unwrapKey,
-  encryptWithSymmetricKey,
-  decryptWithSymmetricKey
-} from '../src/index.js';
-describe('New Hybrid Flow (Session Based)', () => {
-  let backendPublicKey;
-  let backendPrivateKey;
-  before(async () => {
-    // 1. Backend setup: Generate RSA Key Pair
-    const keys = await generateKeyPair();
-    backendPublicKey = keys.publicKey;
-    backendPrivateKey = keys.privateKey;
-  });
-  it('should successfully complete the full session flow', async () => {
-    const clientPayload = "Request: Give me the secret";
-    const serverResponsePayload = "Response: Here is the secret [12345]";
-    // --- FRONTEND SIDE (Request) ---
-    // 2. Client generates AES key
-    const clientAesKey = await createSymmetricKey();
-    // 3. Client wraps AES key with Backend Public Key
-    const wrappedKey = await wrapKey(clientAesKey, backendPublicKey);
-    // 4. Client encrypts payload with AES key
-    const clientEncryptedPackage = await encryptWithSymmetricKey(clientPayload, clientAesKey);
-    // Client sends { wrappedKey, encryptedPayload: ... } to backend
-    // --- BACKEND SIDE ---
-    // 5. Backend receives package. Unwraps AES key.
-    const serverAesKey = await unwrapKey(wrappedKey, backendPrivateKey);
-    // 6. Backend decrypts payload
-    const decryptedRequest = await decryptWithSymmetricKey(clientEncryptedPackage, serverAesKey);
-    assert.strictEqual(decryptedRequest, clientPayload, "Backend failed to decrypt client request");
-    // 7. Backend encrypts response with SAME AES key
-    const serverEncryptedPackage = await encryptWithSymmetricKey(serverResponsePayload, serverAesKey);
-    // Backend sends { encryptedResponse: ... } to client
-    // --- FRONTEND SIDE (Response) ---
-    // 8. Client receives encrypted response. Decrypts with original AES key.
-    const decryptedResponse = await decryptWithSymmetricKey(serverEncryptedPackage, clientAesKey);
-    assert.strictEqual(decryptedResponse, serverResponsePayload, "Client failed to decrypt server response");
-  });
-});