npm - curtain-web-api - Versions diffs - 1.0.39 → 1.0.41 - Mend

curtain-web-api 1.0.39 → 1.0.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/build/classes/curtain-api.js +47 -40
package/package.json +1 -1
package/src/classes/curtain-api.ts +38 -11
package/src/classes/curtain-encryption.ts +65 -1

package/build/classes/curtain-api.js CHANGED Viewed

@@ -22,6 +22,15 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CurtainWebAPI = exports.reviver = exports.replacer = void 0;
 const curtain_user_1 = require("./curtain-user");
@@ -213,46 +222,44 @@ class CurtainWebAPI {
         encrypted: false,
         e2e: false,
     }, onUploadProgress = undefined) {
-        let form = new FormData();
-        let data = JSON.stringify(settings, exports.replacer);
-        if (enable) {
-            form.append("enable", "True");
-        }
-        else {
-            form.append("enable", "False");
-        }
-        if (encryption.encrypted) {
-            form.append("encrypted", "True");
-        }
-        else {
-            form.append("encrypted", "False");
-        }
-        if (encryption.e2e) {
-            form.append("e2e", "True");
-        }
-        else {
-            form.append("e2e", "False");
-        }
-        if (encryption.encrypted && encryption.e2e && encryption.publicKey !== undefined) {
-            (0, curtain_encryption_1.encryptDataRSA)(data, encryption.publicKey).then((response) => {
-                form.append("file", new Blob([response], { type: 'text/json' }), "curtain-settings.json");
-            });
-        }
-        else {
-            form.append("file", new Blob([data], { type: 'text/json' }), "curtain-settings.json");
-        }
-        form.append("description", description);
-        form.append("curtain_type", sessionType);
-        let headers = new axios_1.AxiosHeaders();
-        headers["Accept"] = "application/json";
-        headers["Content-Type"] = "multipart/form-data";
-        if (onUploadProgress !== undefined) {
-            return this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json", onUploadProgress: onUploadProgress }).then((response) => {
-                return response;
-            });
-        }
-        return this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json" }).then((response) => {
-            return response;
+        return __awaiter(this, void 0, void 0, function* () {
+            let form = new FormData();
+            let data = JSON.stringify(settings, exports.replacer);
+            if (enable) {
+                form.append("enable", "True");
+            }
+            else {
+                form.append("enable", "False");
+            }
+            if (encryption.encrypted) {
+                form.append("encrypted", "True");
+            }
+            else {
+                form.append("encrypted", "False");
+            }
+            if (encryption.e2e) {
+                form.append("e2e", "True");
+            }
+            else {
+                form.append("e2e", "False");
+            }
+            if (encryption.encrypted && encryption.e2e && encryption.publicKey !== undefined) {
+                const response = yield (0, curtain_encryption_1.encryptDataRSA)(data, encryption.publicKey);
+                const base64String = (0, curtain_encryption_1.arrayBufferToBase64String)(response);
+                form.append("file", new Blob([base64String], { type: 'text/json' }), "curtain-settings.json");
+            }
+            else {
+                form.append("file", new Blob([data], { type: 'text/json' }), "curtain-settings.json");
+            }
+            form.append("description", description);
+            form.append("curtain_type", sessionType);
+            let headers = new axios_1.AxiosHeaders();
+            headers["Accept"] = "application/json";
+            headers["Content-Type"] = "multipart/form-data";
+            if (onUploadProgress !== undefined) {
+                return yield this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json", onUploadProgress: onUploadProgress });
+            }
+            return yield this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json" });
         });
     }
     postSettings(id, token, onDownloadProgress = undefined) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "curtain-web-api",
-  "version": "1.0.39",
+  "version": "1.0.41",
   "description": "",
   "main": "./build/index.js",
   "types": "./build/index.d.ts",

package/src/classes/curtain-api.ts CHANGED Viewed

@@ -1,6 +1,12 @@
 import {User} from "./curtain-user";
 import axios, {AxiosHeaders} from "axios";
-import {CurtainEncryption, encryptDataRSA} from "./curtain-encryption";
+import {
+    arrayBufferToBase64String, base64ToArrayBuffer,
+    CurtainEncryption,
+    encryptAESData, encryptAESKey,
+    encryptDataRSA, exportAESKey,
+    generateAESKey
+} from "./curtain-encryption";
 const base: string = "https://celsus.muttsu.xyz/"
@@ -199,7 +205,7 @@ export class CurtainWebAPI {
     }
-    putSettings(settings: any, enable: boolean = true, description: string = "", sessionType: string = "TP", encryption: CurtainEncryption = {
+    async putSettings(settings: any, enable: boolean = true, description: string = "", sessionType: string = "TP", encryption: CurtainEncryption = {
         encrypted: false,
         e2e: false,
     },   onUploadProgress: any = undefined) {
@@ -222,9 +228,18 @@ export class CurtainWebAPI {
         }
         if (encryption.encrypted && encryption.e2e && encryption.publicKey !== undefined) {
-            encryptDataRSA(data, encryption.publicKey).then((response) => {
-                form.append("file", new Blob([response], {type: 'text/json'}), "curtain-settings.json")
-            })
+            const aesKey = await generateAESKey()
+            const encryptedData = await encryptAESData(aesKey, data)
+            const encryptedKey = await encryptAESKey(encryption.publicKey, await exportAESKey(aesKey))
+            const encryptedIV = await encryptAESKey(encryption.publicKey, base64ToArrayBuffer(encryptedData.iv))
+            const payload = {
+                encryptedData: encryptedData.encrypted,
+                encryptedKey: arrayBufferToBase64String(encryptedKey),
+                encryptedIV: arrayBufferToBase64String(encryptedIV)
+            }
+            form.append("encryptedKey", payload.encryptedKey)
+            form.append("encryptedIV", payload.encryptedIV)
+            form.append("file", new Blob([payload.encryptedData], {type: 'text/json'}), "curtain-settings.json")
         } else {
             form.append("file", new Blob([data], {type: 'text/json'}), "curtain-settings.json")
         }
@@ -235,13 +250,11 @@ export class CurtainWebAPI {
         headers["Accept"] = "application/json";
         headers["Content-Type"] = "multipart/form-data";
         if (onUploadProgress !== undefined) {
-            return this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json", onUploadProgress: onUploadProgress}).then((response) => {
-                return response;
-            });
+            return await this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json", onUploadProgress: onUploadProgress})
+        } else {
+            return await this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json"})
         }
-        return this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json"}).then((response) => {
-            return response;
-        });
     }
     postSettings(id: string, token: string, onDownloadProgress: any = undefined) {
@@ -471,5 +484,19 @@ export class CurtainWebAPI {
         headers["Content-Type"] = "application/json";
         return this.axiosInstance.get(this.baseURL + `stats/summary/${lastNDays}/`, {responseType:"json", headers})
     }
+    postEncryptionFactors(encryptedAESKey: string, encryptedIV: string, linkId: string) {
+        let headers = new AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.post(this.baseURL + "curtain/" + linkId + "/set_encryption_factors/", {encryption_key: encryptedAESKey, encryption_iv: encryptedIV}, {headers: headers, responseType: "json"}).then((response) => {return response;});
+    }
+    getEncryptionFactors(linkId: string) {
+        let headers = new AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.get(this.baseURL + "curtain/" + linkId + "/get_encryption_factors/", {headers: headers, responseType: "json"}).then((response) => {return response;});
+    }
 }

package/src/classes/curtain-encryption.ts CHANGED Viewed

@@ -103,4 +103,68 @@ export function pemToArrayBuffer(pem: string) {
   b64Final = b64Final.replace('-----END PUBLIC KEY-----', '');
   return base64ToArrayBuffer(b64Final);
-}
+}
+// a function to generate to encrypt an aes key arraybuffer with a public key
+export async function encryptAESKey(publicKey: CryptoKey, aesKey: ArrayBuffer) {
+  return await crypto.subtle.encrypt({name: "RSA-OAEP"}, publicKey, aesKey)
+}
+// a function to generate an aes key in GCM mode with a length of 256 bits
+export async function generateAESKey() {
+  return await crypto.subtle.generateKey(
+    {
+      name: "AES-GCM",
+      length: 256,
+    },
+    true,
+    ["encrypt", "decrypt"],
+  )
+}
+// a function to encrypt a string with an aes key
+export async function encryptAESData(aesKey: CryptoKey, data: string) {
+  const iv = crypto.getRandomValues(new Uint8Array(12))
+  const enc = new TextEncoder()
+  const encoded = enc.encode(data)
+  const encrypted = await crypto.subtle.encrypt({name: "AES-GCM", iv: iv}, aesKey, encoded)
+  return {encrypted: arrayBufferToBase64String(encrypted), iv: arrayBufferToBase64String(iv)}
+}
+// a function to decrypt a string with an aes key
+export async function decryptAESData(aesKey: CryptoKey, data: string, iv: string) {
+  const dec = new TextDecoder()
+  const decrypted = await crypto.subtle.decrypt({name: "AES-GCM", iv: base64ToArrayBuffer(iv)}, aesKey, base64ToArrayBuffer(data))
+  return dec.decode(decrypted)
+}
+// a function to decrypt an aes key with a private key
+export async function decryptAESKey(privateKey: CryptoKey, encryptedKey: ArrayBuffer) {
+  return await crypto.subtle.decrypt({name: "RSA-OAEP"}, privateKey, encryptedKey)
+}
+// a function to export an aes key to a string
+export async function exportAESKey(key: CryptoKey) {
+  return await crypto.subtle.exportKey("raw", key)
+}
+// a function to import an aes key from a string
+export async function importAESKey(key: ArrayBuffer) {
+  return await crypto.subtle.importKey("raw", key, "AES-GCM", true, ["encrypt", "decrypt"])
+}
+// a function to encrypt aes key with a public key and also use the aes key to encrypt a large string then return the encrypted aes key and the encrypted string
+export async function encryptDataAES(data: string, publicKey: CryptoKey) {
+  const aesKey = await generateAESKey()
+  const encryptedKey = await encryptAESKey(publicKey, await exportAESKey(aesKey))
+  const encryptedData = await encryptAESData(aesKey, data)
+  return {encryptedKey: arrayBufferToBase64String(encryptedKey), encryptedData: encryptedData}
+}
+// a function to decrypt an aes key with a private key and use the aes key to decrypt a large string
+export async function decryptDataAES(encryptedKey: ArrayBuffer, encryptedData: string, iv: string, privateKey: CryptoKey) {
+  const aesKey = await decryptAESKey(privateKey, encryptedKey)
+  //import aes key
+  return await decryptAESData(await importAESKey(aesKey), encryptedData, iv)
+}