curtain-web-api 1.0.40 → 1.0.42

package/build/classes/curtain-api.d.ts

@@ -43,4 +43,6 @@ export declare class CurtainWebAPI {
     getDataAllListCategory(): Promise<import("axios").AxiosResponse<any, any>>;
     postCompareSession(idList: string[], matchType: string, studyList: string[], sessionId: string): Promise<import("axios").AxiosResponse<any, any>>;
     getStatsSummary(lastNDays: number): Promise<import("axios").AxiosResponse<any, any>>;
+    postEncryptionFactors(encryptedAESKey: string, encryptedIV: string, linkId: string): Promise<import("axios").AxiosResponse<any, any>>;
+    getEncryptionFactors(linkId: string): Promise<import("axios").AxiosResponse<any, any>>;
 }

package/build/classes/curtain-api.js

@@ -244,9 +244,22 @@ class CurtainWebAPI {
                 form.append("e2e", "False");
             }
             if (encryption.encrypted && encryption.e2e && encryption.publicKey !== undefined) {
-                const response = yield (0, curtain_encryption_1.encryptDataRSA)(data, encryption.publicKey);
-                const base64String = (0, curtain_encryption_1.arrayBufferToBase64String)(response);
-                form.append("file", new Blob([base64String], { type: 'text/json' }), "curtain-settings.json");
+                const aesKey = yield (0, curtain_encryption_1.generateAESKey)();
+                console.log("Encrypting data");
+                const encryptedData = yield (0, curtain_encryption_1.encryptAESData)(aesKey, data);
+                const encryptedKey = yield (0, curtain_encryption_1.encryptAESKey)(encryption.publicKey, yield (0, curtain_encryption_1.exportAESKey)(aesKey));
+                console.log(encryptedKey);
+                const encryptedIV = yield (0, curtain_encryption_1.encryptAESKey)(encryption.publicKey, (0, curtain_encryption_1.base64ToArrayBuffer)(encryptedData.iv));
+                console.log(encryptedIV);
+                const payload = {
+                    encryptedData: encryptedData.encrypted,
+                    encryptedKey: (0, curtain_encryption_1.arrayBufferToBase64String)(encryptedKey),
+                    encryptedIV: (0, curtain_encryption_1.arrayBufferToBase64String)(encryptedIV)
+                };
+                console.log(payload);
+                form.append("encryptedKey", payload.encryptedKey);
+                form.append("encryptedIV", payload.encryptedIV);
+                form.append("file", new Blob([payload.encryptedData], { type: 'text/json' }), "curtain-settings.json");
             }
             else {
                 form.append("file", new Blob([data], { type: 'text/json' }), "curtain-settings.json");
@@ -256,10 +269,13 @@ class CurtainWebAPI {
             let headers = new axios_1.AxiosHeaders();
             headers["Accept"] = "application/json";
             headers["Content-Type"] = "multipart/form-data";
+            console.log(form);
             if (onUploadProgress !== undefined) {
                 return yield this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json", onUploadProgress: onUploadProgress });
             }
-            return yield this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json" });
+            else {
+                return yield this.axiosInstance.post(this.baseURL + "curtain/", form, { headers: headers, responseType: "json" });
+            }
         });
     }
     postSettings(id, token, onDownloadProgress = undefined) {
@@ -460,5 +476,17 @@ class CurtainWebAPI {
         headers["Content-Type"] = "application/json";
         return this.axiosInstance.get(this.baseURL + `stats/summary/${lastNDays}/`, { responseType: "json", headers });
     }
+    postEncryptionFactors(encryptedAESKey, encryptedIV, linkId) {
+        let headers = new axios_1.AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.post(this.baseURL + "curtain/" + linkId + "/set_encryption_factors/", { encryption_key: encryptedAESKey, encryption_iv: encryptedIV }, { headers: headers, responseType: "json" }).then((response) => { return response; });
+    }
+    getEncryptionFactors(linkId) {
+        let headers = new axios_1.AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.get(this.baseURL + "curtain/" + linkId + "/get_encryption_factors/", { headers: headers, responseType: "json" }).then((response) => { return response; });
+    }
 }
 exports.CurtainWebAPI = CurtainWebAPI;

package/build/classes/curtain-encryption.d.ts

@@ -18,3 +18,21 @@ export declare function arrayBufferToBase64String(arrayBuffer: ArrayBuffer): str
 export declare function removeLines(str_data: string): string;
 export declare function base64ToArrayBuffer(b64: string): Uint8Array;
 export declare function pemToArrayBuffer(pem: string): Uint8Array;
+export declare function encryptAESKey(publicKey: CryptoKey, aesKey: ArrayBuffer): Promise<ArrayBuffer>;
+export declare function generateAESKey(): Promise<CryptoKey>;
+export declare function encryptAESData(aesKey: CryptoKey, data: string): Promise<{
+    encrypted: string;
+    iv: string;
+}>;
+export declare function decryptAESData(aesKey: CryptoKey, data: string, iv: string): Promise<string>;
+export declare function decryptAESKey(privateKey: CryptoKey, encryptedKey: ArrayBuffer): Promise<ArrayBuffer>;
+export declare function exportAESKey(key: CryptoKey): Promise<ArrayBuffer>;
+export declare function importAESKey(key: ArrayBuffer): Promise<CryptoKey>;
+export declare function encryptDataAES(data: string, publicKey: CryptoKey): Promise<{
+    encryptedKey: string;
+    encryptedData: {
+        encrypted: string;
+        iv: string;
+    };
+}>;
+export declare function decryptDataAES(encryptedKey: ArrayBuffer, encryptedData: string, iv: string, privateKey: CryptoKey): Promise<string>;

package/build/classes/curtain-encryption.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.pemToArrayBuffer = exports.base64ToArrayBuffer = exports.removeLines = exports.arrayBufferToBase64String = exports.loadFromLocalStorage = exports.saveToLocalStorage = exports.exportKeyString = exports.importKey = exports.exportPrivateKey = exports.exportPublicKey = exports.generateKeyPair = exports.importPrivateKey = exports.importPublicKey = exports.decryptDataRSA = exports.encryptDataRSA = void 0;
+exports.decryptDataAES = exports.encryptDataAES = exports.importAESKey = exports.exportAESKey = exports.decryptAESKey = exports.decryptAESData = exports.encryptAESData = exports.generateAESKey = exports.encryptAESKey = exports.pemToArrayBuffer = exports.base64ToArrayBuffer = exports.removeLines = exports.arrayBufferToBase64String = exports.loadFromLocalStorage = exports.saveToLocalStorage = exports.exportKeyString = exports.importKey = exports.exportPrivateKey = exports.exportPublicKey = exports.generateKeyPair = exports.importPrivateKey = exports.importPublicKey = exports.decryptDataRSA = exports.encryptDataRSA = void 0;
 function encryptDataRSA(data, publicKey) {
     return crypto.subtle.encrypt({ name: 'RSA-OAEP' }, publicKey, new TextEncoder().encode(data));
 }
@@ -125,3 +125,80 @@ function pemToArrayBuffer(pem) {
     return base64ToArrayBuffer(b64Final);
 }
 exports.pemToArrayBuffer = pemToArrayBuffer;
+// a function to generate to encrypt an aes key arraybuffer with a public key
+function encryptAESKey(publicKey, aesKey) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return yield crypto.subtle.encrypt({ name: "RSA-OAEP" }, publicKey, aesKey);
+    });
+}
+exports.encryptAESKey = encryptAESKey;
+// a function to generate an aes key in GCM mode with a length of 256 bits
+function generateAESKey() {
+    return __awaiter(this, void 0, void 0, function* () {
+        return yield crypto.subtle.generateKey({
+            name: "AES-GCM",
+            length: 256,
+        }, true, ["encrypt", "decrypt"]);
+    });
+}
+exports.generateAESKey = generateAESKey;
+// a function to encrypt a string with an aes key
+function encryptAESData(aesKey, data) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const iv = crypto.getRandomValues(new Uint8Array(12));
+        const enc = new TextEncoder();
+        const encoded = enc.encode(data);
+        const encrypted = yield crypto.subtle.encrypt({ name: "AES-GCM", iv: iv }, aesKey, encoded);
+        return { encrypted: arrayBufferToBase64String(encrypted), iv: arrayBufferToBase64String(iv) };
+    });
+}
+exports.encryptAESData = encryptAESData;
+// a function to decrypt a string with an aes key
+function decryptAESData(aesKey, data, iv) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const dec = new TextDecoder();
+        const decrypted = yield crypto.subtle.decrypt({ name: "AES-GCM", iv: base64ToArrayBuffer(iv) }, aesKey, base64ToArrayBuffer(data));
+        return dec.decode(decrypted);
+    });
+}
+exports.decryptAESData = decryptAESData;
+// a function to decrypt an aes key with a private key
+function decryptAESKey(privateKey, encryptedKey) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return yield crypto.subtle.decrypt({ name: "RSA-OAEP" }, privateKey, encryptedKey);
+    });
+}
+exports.decryptAESKey = decryptAESKey;
+// a function to export an aes key to a string
+function exportAESKey(key) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return yield crypto.subtle.exportKey("raw", key);
+    });
+}
+exports.exportAESKey = exportAESKey;
+// a function to import an aes key from a string
+function importAESKey(key) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return yield crypto.subtle.importKey("raw", key, "AES-GCM", true, ["encrypt", "decrypt"]);
+    });
+}
+exports.importAESKey = importAESKey;
+// a function to encrypt aes key with a public key and also use the aes key to encrypt a large string then return the encrypted aes key and the encrypted string
+function encryptDataAES(data, publicKey) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const aesKey = yield generateAESKey();
+        const encryptedKey = yield encryptAESKey(publicKey, yield exportAESKey(aesKey));
+        const encryptedData = yield encryptAESData(aesKey, data);
+        return { encryptedKey: arrayBufferToBase64String(encryptedKey), encryptedData: encryptedData };
+    });
+}
+exports.encryptDataAES = encryptDataAES;
+// a function to decrypt an aes key with a private key and use the aes key to decrypt a large string
+function decryptDataAES(encryptedKey, encryptedData, iv, privateKey) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const aesKey = yield decryptAESKey(privateKey, encryptedKey);
+        //import aes key
+        return yield decryptAESData(yield importAESKey(aesKey), encryptedData, iv);
+    });
+}
+exports.decryptDataAES = decryptDataAES;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "curtain-web-api",
-  "version": "1.0.40",
+  "version": "1.0.42",
   "description": "",
   "main": "./build/index.js",
   "types": "./build/index.d.ts",

package/src/classes/curtain-api.ts

@@ -1,6 +1,12 @@
 import {User} from "./curtain-user";
 import axios, {AxiosHeaders} from "axios";
-import {arrayBufferToBase64String, CurtainEncryption, encryptDataRSA} from "./curtain-encryption";
+import {
+    arrayBufferToBase64String, base64ToArrayBuffer,
+    CurtainEncryption,
+    encryptAESData, encryptAESKey,
+    encryptDataRSA, exportAESKey,
+    generateAESKey
+} from "./curtain-encryption";
 
 const base: string = "https://celsus.muttsu.xyz/"
 
@@ -222,9 +228,22 @@ export class CurtainWebAPI {
         }
 
         if (encryption.encrypted && encryption.e2e && encryption.publicKey !== undefined) {
-            const response = await encryptDataRSA(data, encryption.publicKey)
-            const base64String = arrayBufferToBase64String(response)
-            form.append("file", new Blob([base64String], {type: 'text/json'}), "curtain-settings.json")
+            const aesKey = await generateAESKey()
+            console.log("Encrypting data")
+            const encryptedData = await encryptAESData(aesKey, data)
+            const encryptedKey = await encryptAESKey(encryption.publicKey, await exportAESKey(aesKey))
+            console.log(encryptedKey)
+            const encryptedIV = await encryptAESKey(encryption.publicKey, base64ToArrayBuffer(encryptedData.iv))
+            console.log(encryptedIV)
+            const payload = {
+                encryptedData: encryptedData.encrypted,
+                encryptedKey: arrayBufferToBase64String(encryptedKey),
+                encryptedIV: arrayBufferToBase64String(encryptedIV)
+            }
+            console.log(payload)
+            form.append("encryptedKey", payload.encryptedKey)
+            form.append("encryptedIV", payload.encryptedIV)
+            form.append("file", new Blob([payload.encryptedData], {type: 'text/json'}), "curtain-settings.json")
         } else {
             form.append("file", new Blob([data], {type: 'text/json'}), "curtain-settings.json")
         }
@@ -234,10 +253,13 @@ export class CurtainWebAPI {
         let headers = new AxiosHeaders();
         headers["Accept"] = "application/json";
         headers["Content-Type"] = "multipart/form-data";
+        console.log(form)
         if (onUploadProgress !== undefined) {
             return await this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json", onUploadProgress: onUploadProgress})
+        } else {
+            return await this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json"})
         }
-        return await this.axiosInstance.post(this.baseURL + "curtain/", form, {headers: headers, responseType:"json"})
+
     }
 
     postSettings(id: string, token: string, onDownloadProgress: any = undefined) {
@@ -467,5 +489,19 @@ export class CurtainWebAPI {
         headers["Content-Type"] = "application/json";
         return this.axiosInstance.get(this.baseURL + `stats/summary/${lastNDays}/`, {responseType:"json", headers})
     }
+
+    postEncryptionFactors(encryptedAESKey: string, encryptedIV: string, linkId: string) {
+        let headers = new AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.post(this.baseURL + "curtain/" + linkId + "/set_encryption_factors/", {encryption_key: encryptedAESKey, encryption_iv: encryptedIV}, {headers: headers, responseType: "json"}).then((response) => {return response;});
+    }
+
+    getEncryptionFactors(linkId: string) {
+        let headers = new AxiosHeaders();
+        headers["Accept"] = "application/json";
+        headers["Content-Type"] = "application/json";
+        return this.axiosInstance.get(this.baseURL + "curtain/" + linkId + "/get_encryption_factors/", {headers: headers, responseType: "json"}).then((response) => {return response;});
+    }
 }
 

package/src/classes/curtain-encryption.ts

@@ -103,4 +103,68 @@ export function pemToArrayBuffer(pem: string) {
   b64Final = b64Final.replace('-----END PUBLIC KEY-----', '');
 
   return base64ToArrayBuffer(b64Final);
-}
+}
+
+// a function to generate to encrypt an aes key arraybuffer with a public key
+export async function encryptAESKey(publicKey: CryptoKey, aesKey: ArrayBuffer) {
+  return await crypto.subtle.encrypt({name: "RSA-OAEP"}, publicKey, aesKey)
+}
+
+// a function to generate an aes key in GCM mode with a length of 256 bits
+export async function generateAESKey() {
+  return await crypto.subtle.generateKey(
+    {
+      name: "AES-GCM",
+      length: 256,
+    },
+    true,
+    ["encrypt", "decrypt"],
+  )
+}
+
+// a function to encrypt a string with an aes key
+export async function encryptAESData(aesKey: CryptoKey, data: string) {
+  const iv = crypto.getRandomValues(new Uint8Array(12))
+  const enc = new TextEncoder()
+  const encoded = enc.encode(data)
+  const encrypted = await crypto.subtle.encrypt({name: "AES-GCM", iv: iv}, aesKey, encoded)
+  return {encrypted: arrayBufferToBase64String(encrypted), iv: arrayBufferToBase64String(iv)}
+}
+
+// a function to decrypt a string with an aes key
+export async function decryptAESData(aesKey: CryptoKey, data: string, iv: string) {
+  const dec = new TextDecoder()
+  const decrypted = await crypto.subtle.decrypt({name: "AES-GCM", iv: base64ToArrayBuffer(iv)}, aesKey, base64ToArrayBuffer(data))
+  return dec.decode(decrypted)
+}
+
+// a function to decrypt an aes key with a private key
+export async function decryptAESKey(privateKey: CryptoKey, encryptedKey: ArrayBuffer) {
+  return await crypto.subtle.decrypt({name: "RSA-OAEP"}, privateKey, encryptedKey)
+}
+
+// a function to export an aes key to a string
+export async function exportAESKey(key: CryptoKey) {
+  return await crypto.subtle.exportKey("raw", key)
+}
+// a function to import an aes key from a string
+export async function importAESKey(key: ArrayBuffer) {
+  return await crypto.subtle.importKey("raw", key, "AES-GCM", true, ["encrypt", "decrypt"])
+}
+
+// a function to encrypt aes key with a public key and also use the aes key to encrypt a large string then return the encrypted aes key and the encrypted string
+export async function encryptDataAES(data: string, publicKey: CryptoKey) {
+  const aesKey = await generateAESKey()
+  const encryptedKey = await encryptAESKey(publicKey, await exportAESKey(aesKey))
+  const encryptedData = await encryptAESData(aesKey, data)
+  return {encryptedKey: arrayBufferToBase64String(encryptedKey), encryptedData: encryptedData}
+}
+
+// a function to decrypt an aes key with a private key and use the aes key to decrypt a large string
+export async function decryptDataAES(encryptedKey: ArrayBuffer, encryptedData: string, iv: string, privateKey: CryptoKey) {
+  const aesKey = await decryptAESKey(privateKey, encryptedKey)
+  //import aes key
+  return await decryptAESData(await importAESKey(aesKey), encryptedData, iv)
+}
+
+