devendra-skill-package 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/skills/boiler-project-generator/SKILL.md +103 -0
- package/.github/skills/boiler-project-generator/assets/templates/android/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/angular/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/flutter/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/ios/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/react/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/README.md +3 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/api-setup.ts +76 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/component-primary-button.tsx +29 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/env-config.env +4 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/feature-auth-screen.tsx +45 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/feature-dashboard-screen.tsx +45 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/feature-profile-screen.tsx +45 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/hook-use-app-boot.ts +11 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/navigation-setup.tsx +25 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/project-structure.md +24 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/redux-hooks.ts +5 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/redux-session-slice.ts +29 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/redux-store.ts +15 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/theme-index.ts +23 -0
- package/.github/skills/boiler-project-generator/assets/templates/react-native/utils-helpers.ts +7 -0
- package/.github/skills/boiler-project-generator/metadata.yaml +29 -0
- package/.github/skills/boiler-project-generator/references/android.md +19 -0
- package/.github/skills/boiler-project-generator/references/angular.md +14 -0
- package/.github/skills/boiler-project-generator/references/flutter.md +17 -0
- package/.github/skills/boiler-project-generator/references/ios.md +17 -0
- package/.github/skills/boiler-project-generator/references/react-native.md +103 -0
- package/.github/skills/boiler-project-generator/references/react.md +17 -0
- package/.github/skills/boiler-project-generator/scripts/angular.js +43 -0
- package/.github/skills/boiler-project-generator/scripts/generate-project.mjs +107 -0
- package/.github/skills/boiler-project-generator/scripts/init.js +105 -0
- package/.github/skills/boiler-project-generator/scripts/react-native.js +1041 -0
- package/.github/skills/boiler-project-generator/scripts/react.js +32 -0
- package/.github/skills/clean-architecture-generator/SKILL.md +235 -0
- package/.github/skills/clean-architecture-generator/references/architecture-core.md +126 -0
- package/.github/skills/clean-architecture-generator/references/platform-angular.md +374 -0
- package/.github/skills/clean-architecture-generator/references/platform-flutter.md +366 -0
- package/.github/skills/clean-architecture-generator/references/platform-react-native.md +590 -0
- package/.github/skills/clean-architecture-generator/references/platform-react.md +261 -0
- package/.github/skills/code-test-coverage-analyzer/SKILL.md +1358 -0
- package/.github/skills/code-test-coverage-analyzer/assets/config-questionnaire.md +118 -0
- package/.github/skills/code-test-coverage-analyzer/assets/conflict-resolution-protocol.md +99 -0
- package/.github/skills/code-test-coverage-analyzer/assets/coverage-calculation-rules.md +294 -0
- package/.github/skills/code-test-coverage-analyzer/assets/multi-strategy-search.md +145 -0
- package/.github/skills/code-test-coverage-analyzer/assets/output-file-contracts.md +651 -0
- package/.github/skills/code-test-coverage-analyzer/assets/status-definitions.md +273 -0
- package/.github/skills/code-test-coverage-analyzer/examples/example-invocation.md +208 -0
- package/.github/skills/code-test-coverage-analyzer/references/android-patterns.md +229 -0
- package/.github/skills/code-test-coverage-analyzer/references/angular-patterns.md +177 -0
- package/.github/skills/code-test-coverage-analyzer/references/backend-patterns.md +383 -0
- package/.github/skills/code-test-coverage-analyzer/references/flutter-patterns.md +254 -0
- package/.github/skills/code-test-coverage-analyzer/references/ios-patterns.md +228 -0
- package/.github/skills/code-test-coverage-analyzer/references/react-native-patterns.md +431 -0
- package/.github/skills/code-test-coverage-analyzer/references/react-patterns.md +206 -0
- package/.github/skills/code-test-coverage-analyzer/scripts/detect-platform.ps1 +261 -0
- package/.github/skills/code-test-coverage-analyzer/scripts/scan-repository.ps1 +242 -0
- package/.github/skills/code-test-coverage-analyzer/templates/brd-compliance-row.md +107 -0
- package/.github/skills/code-test-coverage-analyzer/templates/test-case-row.md +130 -0
- package/.github/skills/code-test-coverage-analyzer/templates/user-story-compliance-row.md +170 -0
- package/.github/skills/custom-font-integrator/SKILL.md +373 -0
- package/.github/skills/custom-font-integrator/assets/FontTestScreen.js +150 -0
- package/.github/skills/custom-font-integrator/references/example-info-plist.xml +21 -0
- package/.github/skills/custom-font-integrator/scripts/setup-fonts.sh +99 -0
- package/.github/skills/encryption-decryption-utility/Instructions.md +282 -0
- package/.github/skills/encryption-decryption-utility/README.md +222 -0
- package/.github/skills/encryption-decryption-utility/SKILL.md +645 -0
- package/.github/skills/encryption-decryption-utility/assets/encryption-config-template.json +13 -0
- package/.github/skills/encryption-decryption-utility/assets/platform-matrix.json +180 -0
- package/.github/skills/encryption-decryption-utility/metadata.yaml +51 -0
- package/.github/skills/encryption-decryption-utility/references/android-crypto.md +157 -0
- package/.github/skills/encryption-decryption-utility/references/angular-crypto.md +130 -0
- package/.github/skills/encryption-decryption-utility/references/approach-1-webcrypto.md +95 -0
- package/.github/skills/encryption-decryption-utility/references/approach-2-rsa-aes-cbc.md +111 -0
- package/.github/skills/encryption-decryption-utility/references/approach-3-aes-sharedkey.md +114 -0
- package/.github/skills/encryption-decryption-utility/references/architecture.md +233 -0
- package/.github/skills/encryption-decryption-utility/references/backend-alignment.md +506 -0
- package/.github/skills/encryption-decryption-utility/references/dependency-guidance.md +234 -0
- package/.github/skills/encryption-decryption-utility/references/ec-implementation.md +832 -0
- package/.github/skills/encryption-decryption-utility/references/error-handling-playbook.md +234 -0
- package/.github/skills/encryption-decryption-utility/references/flutter-crypto.md +105 -0
- package/.github/skills/encryption-decryption-utility/references/ios-crypto.md +338 -0
- package/.github/skills/encryption-decryption-utility/references/native-rsa-implementation.md +373 -0
- package/.github/skills/encryption-decryption-utility/references/node-crypto.md +86 -0
- package/.github/skills/encryption-decryption-utility/references/react-crypto.md +105 -0
- package/.github/skills/encryption-decryption-utility/references/react-native-crypto.md +1001 -0
- package/.github/skills/encryption-decryption-utility/references/react-web-crypto.md +668 -0
- package/.github/skills/encryption-decryption-utility/references/security-checklist.md +176 -0
- package/.github/skills/encryption-decryption-utility/references/web-crypto.md +74 -0
- package/.github/skills/encryption-decryption-utility/scripts/detect.js +128 -0
- package/.github/skills/encryption-decryption-utility/scripts/install.js +1713 -0
- package/.github/skills/encryption-decryption-utility/scripts/setup.js +800 -0
- package/.github/skills/encryption-decryption-utility/template.md +241 -0
- package/.github/skills/encryption-decryption-utility/templates/config-questionnaire.md +467 -0
- package/.github/skills/encryption-decryption-utility/templates/delivery-checklist.md +206 -0
- package/.github/skills/encryption-decryption-utility/templates/implementation-plan.md +304 -0
- package/.github/skills/feature-generator/SKILL.MD +2741 -0
- package/.github/skills/feature-generator/assets/fingerprint-schema.json +385 -0
- package/.github/skills/feature-generator/assets/spec-template.md +172 -0
- package/.github/skills/feature-generator/assets/transform-rules.json +82 -0
- package/.github/skills/feature-generator/references/api-envelope-patterns.md +327 -0
- package/.github/skills/feature-generator/references/screen-logic-patterns.md +399 -0
- package/.github/skills/feature-generator/references/state-library-patterns.md +464 -0
- package/.github/skills/figma-ui-mapper/README.md +34 -0
- package/.github/skills/figma-ui-mapper/SKILL.md +101 -0
- package/.github/skills/figma-ui-mapper/assets/templates/component-map-template.md +30 -0
- package/.github/skills/figma-ui-mapper/assets/templates/generation-report-template.md +49 -0
- package/.github/skills/figma-ui-mapper/metadata.yaml +22 -0
- package/.github/skills/figma-ui-mapper/references/android.md +11 -0
- package/.github/skills/figma-ui-mapper/references/angular.md +18 -0
- package/.github/skills/figma-ui-mapper/references/capacitor.md +18 -0
- package/.github/skills/figma-ui-mapper/references/common.md +23 -0
- package/.github/skills/figma-ui-mapper/references/expo.md +18 -0
- package/.github/skills/figma-ui-mapper/references/flutter.md +18 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/angular/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/capacitor/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/expo/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/flutter/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/ionic/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/kotlin-multiplatform/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/native-android/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/native-ios/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/next/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/nuxt/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/react/rules.md +19 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/react-native/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/svelte/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/frameworks/vue/rules.md +23 -0
- package/.github/skills/figma-ui-mapper/references/ionic.md +18 -0
- package/.github/skills/figma-ui-mapper/references/ios.md +11 -0
- package/.github/skills/figma-ui-mapper/references/kotlin-multiplatform.md +18 -0
- package/.github/skills/figma-ui-mapper/references/native-android.md +18 -0
- package/.github/skills/figma-ui-mapper/references/native-ios.md +18 -0
- package/.github/skills/figma-ui-mapper/references/next.md +18 -0
- package/.github/skills/figma-ui-mapper/references/nuxt.md +18 -0
- package/.github/skills/figma-ui-mapper/references/react-figma-guideline.md +21 -0
- package/.github/skills/figma-ui-mapper/references/react-native.md +18 -0
- package/.github/skills/figma-ui-mapper/references/react.md +18 -0
- package/.github/skills/figma-ui-mapper/references/script-usage.md +46 -0
- package/.github/skills/figma-ui-mapper/references/svelte.md +18 -0
- package/.github/skills/figma-ui-mapper/references/vue.md +18 -0
- package/.github/skills/figma-ui-mapper/references/workflow.md +74 -0
- package/.github/skills/figma-ui-mapper/scripts/generate-page-through-figma.js +635 -0
- package/.github/skills/figma-ui-mapper/scripts/generate-react-page-through-figma.js +4 -0
- package/.github/skills/frontend-task-breakdown/SKILL.md +734 -0
- package/.github/skills/md-file-converter/SKILL.md +291 -0
- package/.github/skills/md-file-converter/config/formats.json +114 -0
- package/.github/skills/md-file-converter/extractors/extract-docx.sh +120 -0
- package/.github/skills/md-file-converter/extractors/extract-eml.py +108 -0
- package/.github/skills/md-file-converter/extractors/extract-pdf.sh +97 -0
- package/.github/skills/md-file-converter/extractors/extract-pptx.py +143 -0
- package/.github/skills/md-file-converter/extractors/extract-xlsx.py +175 -0
- package/.github/skills/md-file-converter/scripts/check-tools.sh +47 -0
- package/.github/skills/md-file-converter/scripts/extract-archive.sh +83 -0
- package/.github/skills/md-file-converter/scripts/extract-ocr.sh +77 -0
- package/.github/skills/md-file-converter/scripts/get-metadata.sh +57 -0
- package/.github/skills/md-file-converter/templates/output.md +73 -0
- package/.github/skills/md-file-converter/templates/unsupported-object.md +6 -0
- package/.github/skills/mockAPI-contract-generator/SKILL.md +607 -0
- package/.github/skills/test-case-validator/CHANGELOG.md +155 -0
- package/.github/skills/test-case-validator/CONFIGURATION.md +130 -0
- package/.github/skills/test-case-validator/EXAMPLES.md +50 -0
- package/.github/skills/test-case-validator/QUALITY_SCORING.md +98 -0
- package/.github/skills/test-case-validator/README.md +111 -0
- package/.github/skills/test-case-validator/REPORT_TEMPLATE.md +116 -0
- package/.github/skills/test-case-validator/SKILL.md +209 -0
- package/.github/skills/test-case-validator/SYSTEM_PROMPT.md +127 -0
- package/.github/skills/test-case-validator/TRACEABILITY_ENGINE.md +152 -0
- package/.github/skills/test-case-validator/VALIDATION_RULES.md +411 -0
- package/.github/skills/test-case-validator/config/default.config.yaml +62 -0
- package/.github/skills/test-case-validator/docs/ARCHITECTURE.md +66 -0
- package/.github/skills/test-case-validator/docs/EXTENDING.md +85 -0
- package/.github/skills/test-case-validator/docs/FAQ.md +88 -0
- package/.github/skills/test-case-validator/docs/VERSIONING.md +55 -0
- package/.github/skills/test-case-validator/examples/example-1-manual-qa-ecommerce/input-brd.md +43 -0
- package/.github/skills/test-case-validator/examples/example-1-manual-qa-ecommerce/input-test-cases.csv +9 -0
- package/.github/skills/test-case-validator/examples/example-1-manual-qa-ecommerce/input-user-story.md +29 -0
- package/.github/skills/test-case-validator/examples/example-1-manual-qa-ecommerce/output-report.md +303 -0
- package/.github/skills/test-case-validator/examples/example-2-automated-frontend-suite/input-spec.md +43 -0
- package/.github/skills/test-case-validator/examples/example-2-automated-frontend-suite/input-test-files-index.md +56 -0
- package/.github/skills/test-case-validator/examples/example-2-automated-frontend-suite/output-report.md +274 -0
- package/.github/skills/test-case-validator/prompts/00-applicability-resolution.md +61 -0
- package/.github/skills/test-case-validator/prompts/01-extraction-user-story.md +58 -0
- package/.github/skills/test-case-validator/prompts/02-extraction-brd.md +64 -0
- package/.github/skills/test-case-validator/prompts/03-extraction-test-cases.md +92 -0
- package/.github/skills/test-case-validator/prompts/04-traceability-matrix.md +41 -0
- package/.github/skills/test-case-validator/prompts/05-coverage-analysis.md +46 -0
- package/.github/skills/test-case-validator/prompts/06-missing-scenario-detection.md +32 -0
- package/.github/skills/test-case-validator/prompts/07-duplicate-detection.md +36 -0
- package/.github/skills/test-case-validator/prompts/08-risk-analysis.md +39 -0
- package/.github/skills/test-case-validator/prompts/09-gated-wiring-validation.md +53 -0
- package/.github/skills/test-case-validator/prompts/10-observation-report.md +56 -0
- package/.github/skills/test-case-validator/prompts/11-final-report-assembly.md +57 -0
- package/.github/skills/test-case-validator/templates/coverage-table.md +25 -0
- package/.github/skills/test-case-validator/templates/executive-summary.md +38 -0
- package/.github/skills/test-case-validator/templates/final-summary-block.md +87 -0
- package/.github/skills/test-case-validator/templates/observation-entry.md +41 -0
- package/.github/skills/test-case-validator/templates/rtm-row.md +25 -0
- package/.github/skills/validation-engine-builder/README.md +50 -0
- package/.github/skills/validation-engine-builder/SKILL.md +241 -0
- package/.github/skills/validation-engine-builder/references/core.md +158 -0
- package/.github/skills/validation-engine-builder/references/platform-angular.md +166 -0
- package/.github/skills/validation-engine-builder/references/platform-flutter.md +118 -0
- package/.github/skills/validation-engine-builder/references/platform-react-native.md +170 -0
- package/.github/skills/validation-engine-builder/references/platform-react.md +94 -0
- package/.github/skills/validation-engine-builder/scripts/apply-to-project.js +80 -0
- package/.github/skills/validation-engine-builder/scripts/generate-angular.js +271 -0
- package/.github/skills/validation-engine-builder/scripts/generate-flutter.js +298 -0
- package/.github/skills/validation-engine-builder/scripts/generate-react-native.js +217 -0
- package/.github/skills/validation-engine-builder/scripts/generate-react.js +163 -0
- package/.github/skills/validation-engine-builder/scripts/install-deps.js +53 -0
- package/.github/skills/validation-engine-builder/scripts/shared/detect-platform.js +68 -0
- package/.github/skills/validation-engine-builder/scripts/shared/npm-deps.js +103 -0
- package/.github/skills/validation-engine-builder/scripts/shared/rhf-hook.js +43 -0
- package/.github/skills/validation-engine-builder/scripts/shared/ts-messages-regex.js +62 -0
- package/.github/skills/validation-engine-builder/scripts/shared/util.js +44 -0
- package/.github/skills/validation-engine-builder/scripts/shared/yup-schemas.js +80 -0
- package/.github/skills/validation-engine-builder/template.md +73 -0
- package/.github/skills/validation-engine-builder/templates/messages.json +22 -0
- package/.github/skills/validation-engine-builder/templates/regex.json +16 -0
- package/.github/skills/validation-engine-builder/templates/schemas.json +48 -0
- package/bin/index.js +145 -0
- package/package.json +22 -0
- package/readme.md +0 -0
|
@@ -0,0 +1,180 @@
|
|
|
1
|
+
{
|
|
2
|
+
"platforms": {
|
|
3
|
+
"angular": {
|
|
4
|
+
"approaches": [1, 2, 3],
|
|
5
|
+
"dependencies": {
|
|
6
|
+
"1": [],
|
|
7
|
+
"2": ["jsencrypt", "crypto-js", "@types/crypto-js"],
|
|
8
|
+
"3": ["crypto-js", "@types/crypto-js"]
|
|
9
|
+
},
|
|
10
|
+
"allowedCommonJsDependencies": ["crypto-js", "jsencrypt"],
|
|
11
|
+
"buildCommand": "ng build",
|
|
12
|
+
"filePaths": {
|
|
13
|
+
"config": "src/environments/environment.ts",
|
|
14
|
+
"service": "src/app/core/encryption/encryption.service.ts",
|
|
15
|
+
"interceptor": "src/app/core/encryption/encryption.interceptor.ts",
|
|
16
|
+
"moduleWiring": "src/app/app.module.ts"
|
|
17
|
+
},
|
|
18
|
+
"standaloneWiringFile": "src/app/app.config.ts",
|
|
19
|
+
"fileNamingConvention": "kebab-case",
|
|
20
|
+
"packageManager": "npm"
|
|
21
|
+
},
|
|
22
|
+
"web": {
|
|
23
|
+
"approaches": [1, 2, 3],
|
|
24
|
+
"dependencies": {
|
|
25
|
+
"1": [],
|
|
26
|
+
"2": ["jsencrypt", "crypto-js"],
|
|
27
|
+
"3": ["crypto-js"]
|
|
28
|
+
},
|
|
29
|
+
"buildCommand": "npm run build",
|
|
30
|
+
"filePaths": {
|
|
31
|
+
"config": "src/encryption/encryption.config.js",
|
|
32
|
+
"service": "src/encryption/encryption.service.js",
|
|
33
|
+
"interceptor": "src/encryption/encryption.interceptor.js",
|
|
34
|
+
"moduleWiring": "src/main.js"
|
|
35
|
+
},
|
|
36
|
+
"fileNamingConvention": "kebab-case",
|
|
37
|
+
"packageManager": "npm"
|
|
38
|
+
},
|
|
39
|
+
"node": {
|
|
40
|
+
"approaches": [2, 3],
|
|
41
|
+
"dependencies": {
|
|
42
|
+
"2": ["jsencrypt", "crypto-js", "@types/crypto-js"],
|
|
43
|
+
"3": ["crypto-js", "@types/crypto-js"]
|
|
44
|
+
},
|
|
45
|
+
"buildCommand": "npm run build",
|
|
46
|
+
"filePaths": {
|
|
47
|
+
"config": "src/encryption/encryption.config.ts",
|
|
48
|
+
"service": "src/encryption/encryption.service.ts",
|
|
49
|
+
"interceptor": "src/encryption/encryption.middleware.ts",
|
|
50
|
+
"moduleWiring": "src/app.ts"
|
|
51
|
+
},
|
|
52
|
+
"fileNamingConvention": "kebab-case",
|
|
53
|
+
"packageManager": "npm"
|
|
54
|
+
},
|
|
55
|
+
"android": {
|
|
56
|
+
"approaches": [2, 3],
|
|
57
|
+
"dependencies": {
|
|
58
|
+
"2": [],
|
|
59
|
+
"3": []
|
|
60
|
+
},
|
|
61
|
+
"buildCommand": "./gradlew assembleDebug",
|
|
62
|
+
"filePaths": {
|
|
63
|
+
"config": "app/src/main/java/com/example/encryption/EncryptionConfig.kt",
|
|
64
|
+
"service": "app/src/main/java/com/example/encryption/EncryptionService.kt",
|
|
65
|
+
"interceptor": "app/src/main/java/com/example/encryption/EncryptionInterceptor.kt",
|
|
66
|
+
"moduleWiring": "app/src/main/java/com/example/MyApplication.kt"
|
|
67
|
+
},
|
|
68
|
+
"fileNamingConvention": "PascalCase",
|
|
69
|
+
"packageManager": "gradle"
|
|
70
|
+
},
|
|
71
|
+
"ios": {
|
|
72
|
+
"approaches": [1, 2, 3],
|
|
73
|
+
"dependencies": {
|
|
74
|
+
"1": [],
|
|
75
|
+
"2": [],
|
|
76
|
+
"3": []
|
|
77
|
+
},
|
|
78
|
+
"buildCommand": "xcodebuild -scheme App -configuration Debug build",
|
|
79
|
+
"filePaths": {
|
|
80
|
+
"config": "Sources/App/Encryption/EncryptionConfig.swift",
|
|
81
|
+
"service": "Sources/App/Encryption/EncryptionService.swift",
|
|
82
|
+
"interceptor": "Sources/App/Encryption/EncryptionInterceptor.swift",
|
|
83
|
+
"moduleWiring": "Sources/App/AppDelegate.swift"
|
|
84
|
+
},
|
|
85
|
+
"fileNamingConvention": "PascalCase",
|
|
86
|
+
"packageManager": "swift-pm"
|
|
87
|
+
},
|
|
88
|
+
"react": {
|
|
89
|
+
"approaches": [1, 2, 3, 7],
|
|
90
|
+
"dependencies": {
|
|
91
|
+
"1": ["axios"],
|
|
92
|
+
"2": ["axios", "jsencrypt", "crypto-js", "@types/crypto-js"],
|
|
93
|
+
"3": ["axios", "crypto-js", "@types/crypto-js"],
|
|
94
|
+
"7": ["axios"]
|
|
95
|
+
},
|
|
96
|
+
"buildCommand": "npm run build",
|
|
97
|
+
"filePaths": {
|
|
98
|
+
"config": "src/encryption/encryption.config.ts",
|
|
99
|
+
"service": "src/encryption/encryption.service.ts",
|
|
100
|
+
"interceptor": "src/encryption/encryption.interceptor.ts",
|
|
101
|
+
"moduleWiring": "src/api/axiosInstance.ts"
|
|
102
|
+
},
|
|
103
|
+
"productionFilePaths": {
|
|
104
|
+
"cryptoUtils": "src/services/security/crypto-utils.ts",
|
|
105
|
+
"aesService": "src/services/security/aes.service.ts",
|
|
106
|
+
"rsaService": "src/services/security/rsa.service.ts",
|
|
107
|
+
"rsaKeyService": "src/services/security/rsa-key.service.ts",
|
|
108
|
+
"hmacService": "src/services/security/hmac.service.ts",
|
|
109
|
+
"storageService": "src/services/security/storage.service.ts",
|
|
110
|
+
"interceptor": "src/services/security/encryption.interceptor.ts",
|
|
111
|
+
"encryptionConfig": "src/services/security/encryption-config.ts",
|
|
112
|
+
"types": "src/services/security/types.ts",
|
|
113
|
+
"moduleWiring": "src/api/axiosInstance.ts"
|
|
114
|
+
},
|
|
115
|
+
"ecdhSessionFilePaths": {
|
|
116
|
+
"base64url": "src/core/security/ecdh-session/base64url.ts",
|
|
117
|
+
"aad": "src/core/security/ecdh-session/aad.ts",
|
|
118
|
+
"ecdhSession": "src/core/security/ecdh-session/ecdhSession.ts",
|
|
119
|
+
"aesGcm": "src/core/security/ecdh-session/aesGcm.ts",
|
|
120
|
+
"ecdhSessionService": "src/core/security/ecdh-session/ecdhSessionService.ts"
|
|
121
|
+
},
|
|
122
|
+
"fileNamingConvention": "kebab-case",
|
|
123
|
+
"packageManager": "npm"
|
|
124
|
+
},
|
|
125
|
+
"react-native": {
|
|
126
|
+
"approaches": [2, 3, 4, 5, 6],
|
|
127
|
+
"dependencies": {
|
|
128
|
+
"2": ["axios", "jsencrypt", "crypto-js", "@types/crypto-js", "react-native-get-random-values"],
|
|
129
|
+
"3": ["axios", "crypto-js", "@types/crypto-js", "react-native-get-random-values"],
|
|
130
|
+
"4": ["axios", "react-native-quick-crypto", "@craftzdog/react-native-buffer", "react-native-keychain", "react-native-get-random-values"],
|
|
131
|
+
"5": ["axios", "react-native-quick-crypto", "@craftzdog/react-native-buffer", "react-native-keychain", "react-native-get-random-values"],
|
|
132
|
+
"6": ["axios", "react-native-quick-crypto", "buffer", "react-native-keychain", "react-native-get-random-values"]
|
|
133
|
+
},
|
|
134
|
+
"entryPolyfillFile": "index.js",
|
|
135
|
+
"buildCommand": "npx react-native run-android",
|
|
136
|
+
"filePaths": {
|
|
137
|
+
"config": "src/encryption/encryption.config.ts",
|
|
138
|
+
"service": "src/encryption/encryption.service.ts",
|
|
139
|
+
"interceptor": "src/encryption/encryption.interceptor.ts",
|
|
140
|
+
"moduleWiring": "src/api/axiosInstance.ts"
|
|
141
|
+
},
|
|
142
|
+
"productionFilePaths": {
|
|
143
|
+
"types": "src/services/security/types.ts",
|
|
144
|
+
"encryptionService": "src/services/security/encryption.service.ts",
|
|
145
|
+
"decryptionService": "src/services/security/decryption.service.ts",
|
|
146
|
+
"rsaKeyService": "src/services/security/rsa-key.service.ts",
|
|
147
|
+
"keychainService": "src/services/security/keychain.service.ts",
|
|
148
|
+
"hmacService": "src/services/security/hmac.service.ts",
|
|
149
|
+
"encryptionConfig": "src/services/security/encryption-config.ts",
|
|
150
|
+
"interceptor": "src/services/security/encryption.interceptor.ts",
|
|
151
|
+
"moduleWiring": "src/api/axiosInstance.ts"
|
|
152
|
+
},
|
|
153
|
+
"nativeFilePaths": {
|
|
154
|
+
"androidModule": "android/app/src/main/java/com/example/security/NativeCryptoModule.kt",
|
|
155
|
+
"androidPackage": "android/app/src/main/java/com/example/security/NativeCryptoPackage.kt",
|
|
156
|
+
"iosModule": "ios/NativeCryptoModule.swift",
|
|
157
|
+
"iosBridge": "ios/NativeCryptoModule.m",
|
|
158
|
+
"jsBridge": "src/services/security/native-crypto.module.ts"
|
|
159
|
+
},
|
|
160
|
+
"fileNamingConvention": "kebab-case",
|
|
161
|
+
"packageManager": "npm"
|
|
162
|
+
},
|
|
163
|
+
"flutter": {
|
|
164
|
+
"approaches": [2, 3],
|
|
165
|
+
"dependencies": {
|
|
166
|
+
"2": ["encrypt: ^5.0.3", "pointycastle: ^3.7.3"],
|
|
167
|
+
"3": ["encrypt: ^5.0.3", "pointycastle: ^3.7.3"]
|
|
168
|
+
},
|
|
169
|
+
"buildCommand": "flutter build apk --debug",
|
|
170
|
+
"filePaths": {
|
|
171
|
+
"config": "lib/core/encryption/encryption_config.dart",
|
|
172
|
+
"service": "lib/core/encryption/encryption_service.dart",
|
|
173
|
+
"interceptor": "lib/core/encryption/encryption_interceptor.dart",
|
|
174
|
+
"moduleWiring": "lib/main.dart"
|
|
175
|
+
},
|
|
176
|
+
"fileNamingConvention": "snake_case",
|
|
177
|
+
"packageManager": "pub"
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
name: encryption-decryption-utility
|
|
2
|
+
version: 1.1.0
|
|
3
|
+
status: active
|
|
4
|
+
category: security
|
|
5
|
+
platforms:
|
|
6
|
+
- angular
|
|
7
|
+
- react
|
|
8
|
+
# - react-native
|
|
9
|
+
- web
|
|
10
|
+
- android
|
|
11
|
+
- ios
|
|
12
|
+
# - flutter
|
|
13
|
+
# - node
|
|
14
|
+
tags:
|
|
15
|
+
- encryption
|
|
16
|
+
- decryption
|
|
17
|
+
- rsa
|
|
18
|
+
- aes
|
|
19
|
+
- ecdh
|
|
20
|
+
- hmac
|
|
21
|
+
- interceptor
|
|
22
|
+
- security
|
|
23
|
+
- crypto
|
|
24
|
+
- web-crypto
|
|
25
|
+
- keychain
|
|
26
|
+
- token-storage
|
|
27
|
+
- react-web
|
|
28
|
+
- browser-crypto
|
|
29
|
+
owner: mohit-pwa-skill-development-team
|
|
30
|
+
changelog:
|
|
31
|
+
- version: 1.1.0
|
|
32
|
+
date: 2026-06-24
|
|
33
|
+
changes:
|
|
34
|
+
- Added approach 7 — React JS web production mode (AES-256-GCM + RSA-OAEP or ECDH-Session via built-in Web Crypto API)
|
|
35
|
+
- New reference file references/react-web-crypto.md — full approach 7 implementation reference
|
|
36
|
+
- platform-matrix.json — approach 7 added to react platform with productionFilePaths and ecdhSessionFilePaths
|
|
37
|
+
- SKILL.md — approach 7 minimum completion scope, Step 6c, rules 28-40, Inputs/Outputs/Dependencies table rows
|
|
38
|
+
- config-questionnaire.md — Question 0a, Q7-1 through Q7-6, approach 7 validation status section
|
|
39
|
+
- implementation-plan.md — React JS approach 7 dependency plan, file tables, runtime behaviour, feature flags, testing plan
|
|
40
|
+
- delivery-checklist.md — approach 7 RSA-OAEP and ECDH-Session implementation checklists, security and CORS items
|
|
41
|
+
- No changes to approaches 1-6 or any other platform — fully additive
|
|
42
|
+
- version: 1.0.0
|
|
43
|
+
date: 2026-05-05
|
|
44
|
+
changes:
|
|
45
|
+
- Initial release of encryption-decryption-utility skill metadata
|
|
46
|
+
- Support for Angular, React, React Native (JS + Native), Web, Node.js, Android, iOS, Flutter
|
|
47
|
+
- Six cryptographic approaches including RSA-OAEP+AES-256-GCM, RSA+AES-256-CBC, AES-256-CBC shared key, EC ECDH+AES-256-GCM
|
|
48
|
+
- Zero-dependency Node.js scripts for detection, install, and setup
|
|
49
|
+
- HMAC signing support and per-URL exclusion lists
|
|
50
|
+
- Single-run execution contract with config-questionnaire-driven flow
|
|
51
|
+
- backend-alignment.md spec for server-side contract sharing
|
|
@@ -0,0 +1,157 @@
|
|
|
1
|
+
# Platform: Android (Kotlin)
|
|
2
|
+
|
|
3
|
+
## Overview
|
|
4
|
+
|
|
5
|
+
Android uses an **OkHttp Interceptor** (`EncryptionInterceptor`) registered on the OkHttp client.
|
|
6
|
+
Crypto operations use the built-in `javax.crypto` package.
|
|
7
|
+
Supports Approaches 1, 2, 3, and 6 using native Android security providers.
|
|
8
|
+
|
|
9
|
+
> File locations are determined at runtime by `assets/platform-matrix.json` for this platform.
|
|
10
|
+
> Do not hardcode file paths in skill instructions or generated code.
|
|
11
|
+
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
## File Naming Convention
|
|
15
|
+
|
|
16
|
+
| Role | Path |
|
|
17
|
+
|----------------|------------------------------------------------------------------------------|
|
|
18
|
+
| Config | `app/src/main/java/com/example/encryption/EncryptionConfig.kt` |
|
|
19
|
+
| Service | `app/src/main/java/com/example/encryption/EncryptionService.kt` |
|
|
20
|
+
| Interceptor | `app/src/main/java/com/example/encryption/EncryptionInterceptor.kt` |
|
|
21
|
+
| Module wiring | `app/src/main/java/com/example/network/NetworkModule.kt` |
|
|
22
|
+
|
|
23
|
+
---
|
|
24
|
+
|
|
25
|
+
## MANDATORY INTERACTIVE PROMPT SEQUENCE (Fresh Implementation)
|
|
26
|
+
|
|
27
|
+
> **This section applies whenever no existing centralized `EncryptionService` is found in the project.**
|
|
28
|
+
> **It is not optional. It is not skippable. It runs before Step 3 of the skill and before any file is generated.**
|
|
29
|
+
> The agent MUST ask each question below, wait for the user's answer, and record the response before proceeding.
|
|
30
|
+
> Do NOT infer, assume, or pre-fill any answer. Do NOT proceed to implementation until every question is answered.
|
|
31
|
+
|
|
32
|
+
---
|
|
33
|
+
|
|
34
|
+
### Prompt 1 — Encryption approach
|
|
35
|
+
|
|
36
|
+
Ask the user exactly this question and wait for their answer:
|
|
37
|
+
|
|
38
|
+
```
|
|
39
|
+
Which encryption approach should be used for this Android project?
|
|
40
|
+
|
|
41
|
+
1 — RSA-OAEP + AES-256-GCM (asymmetric hybrid; modern authenticated encryption)
|
|
42
|
+
2 — RSA + AES-256-CBC (asymmetric hybrid; legacy compatibility)
|
|
43
|
+
3 — AES-256-CBC shared key (symmetric; requires a shared secret string)
|
|
44
|
+
6 — ECDH + AES-256-GCM (Elliptic Curve; highest security with Forward Secrecy)
|
|
45
|
+
|
|
46
|
+
Enter 1, 2, 3, or 6:
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
- Do not proceed until the user answers with 1, 2, 3, or 6.
|
|
50
|
+
- Do not default to any option if the user does not answer immediately.
|
|
51
|
+
- If the user answers outside the valid range, re-ask.
|
|
52
|
+
|
|
53
|
+
---
|
|
54
|
+
|
|
55
|
+
### Prompt 2 — Key material
|
|
56
|
+
|
|
57
|
+
After Prompt 1 is answered, ask the appropriate follow-up:
|
|
58
|
+
|
|
59
|
+
**If approach 1 or 2:**
|
|
60
|
+
```
|
|
61
|
+
Provide the RSA public key PEM that will be used to encrypt the AES session key.
|
|
62
|
+
The server must hold the corresponding private key to decrypt it.
|
|
63
|
+
|
|
64
|
+
Paste the PEM (begins with -----BEGIN PUBLIC KEY-----):
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
**If approach 3:**
|
|
68
|
+
```
|
|
69
|
+
Provide the shared secret string (minimum 32 characters).
|
|
70
|
+
This exact same secret must also be configured on the server.
|
|
71
|
+
|
|
72
|
+
Enter shared secret:
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
**If approach 6:**
|
|
76
|
+
```
|
|
77
|
+
Provide the Server's Public EC Key (Uncompressed HEX or PEM).
|
|
78
|
+
The app will use this to perform the ECDH key agreement.
|
|
79
|
+
|
|
80
|
+
Enter Server EC Public Key:
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
**If the user says they want to reuse an existing Keystore entry:**
|
|
84
|
+
```
|
|
85
|
+
Provide the Android Keystore alias that holds the key material:
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
- Do not proceed until the user provides actual key material.
|
|
89
|
+
- Do not accept placeholder strings.
|
|
90
|
+
- Validate inputs based on approach requirements.
|
|
91
|
+
|
|
92
|
+
---
|
|
93
|
+
|
|
94
|
+
### Prompt 3 — Backend decryption scope
|
|
95
|
+
|
|
96
|
+
```
|
|
97
|
+
Will a backend server decrypt the data encrypted by this service?
|
|
98
|
+
|
|
99
|
+
yes — server decryption is in scope; I confirm the server uses the same algorithm and key
|
|
100
|
+
no — local/demo only; encryption and decryption happen within this app only
|
|
101
|
+
|
|
102
|
+
Enter yes or no:
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
---
|
|
106
|
+
|
|
107
|
+
### Prompt 4 — HMAC signing
|
|
108
|
+
|
|
109
|
+
```
|
|
110
|
+
Should requests include an HMAC signature for integrity verification?
|
|
111
|
+
|
|
112
|
+
yes — HMAC-SHA256 signing enabled (requires ENCRYPTION_HMAC_SECRET environment variable at runtime)
|
|
113
|
+
no — no HMAC signing
|
|
114
|
+
|
|
115
|
+
Enter yes or no:
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
---
|
|
119
|
+
|
|
120
|
+
### Prompt 5 — URL exclusions
|
|
121
|
+
|
|
122
|
+
```
|
|
123
|
+
Are there any URL prefixes that should NOT be encrypted?
|
|
124
|
+
(e.g. /api/health, /api/upload for multipart endpoints)
|
|
125
|
+
|
|
126
|
+
Enter comma-separated prefixes, or press Enter to skip:
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
---
|
|
130
|
+
|
|
131
|
+
## MANDATORY Pre-Implementation Rules
|
|
132
|
+
|
|
133
|
+
---
|
|
134
|
+
|
|
135
|
+
### Rule 1 — Algorithm and approach must be explicitly confirmed before any code is written
|
|
136
|
+
|
|
137
|
+
The approach (1, 2, 3, or 6) **must be stated explicitly** by the user before a single line of cryptographic code is generated.
|
|
138
|
+
|
|
139
|
+
---
|
|
140
|
+
|
|
141
|
+
### Rule 2 — Key material source must be explicitly confirmed; random keys are forbidden for AES
|
|
142
|
+
|
|
143
|
+
**Never generate a random symmetric key** as the primary root key. The root material must be user-confirmed.
|
|
144
|
+
|
|
145
|
+
---
|
|
146
|
+
|
|
147
|
+
### Rule 3 — Scan for existing encryption and Keystore implementations before creating anything new
|
|
148
|
+
|
|
149
|
+
Always run `detect.js` or equivalent scan to avoid duplication.
|
|
150
|
+
|
|
151
|
+
---
|
|
152
|
+
|
|
153
|
+
## Build Command
|
|
154
|
+
|
|
155
|
+
```bash
|
|
156
|
+
gradlew.bat assembleDebug
|
|
157
|
+
```
|
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
# Platform: Angular
|
|
2
|
+
|
|
3
|
+
## Overview
|
|
4
|
+
|
|
5
|
+
Angular uses an **HttpInterceptor** to transparently encrypt outgoing request bodies.
|
|
6
|
+
All encryption logic lives in `EncryptionService`; the interceptor calls the service and clones the request.
|
|
7
|
+
Supports Approaches 1, 2, 3.
|
|
8
|
+
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## File Naming Convention
|
|
12
|
+
|
|
13
|
+
| Role | Path |
|
|
14
|
+
|----------------|-------------------------------------------------------------|
|
|
15
|
+
| Config | `src/environments/environment.ts` |
|
|
16
|
+
| Service | `src/app/core/encryption/encryption.service.ts` |
|
|
17
|
+
| Interceptor | `src/app/core/encryption/encryption.interceptor.ts` |
|
|
18
|
+
| Module wiring | `src/app/app.module.ts` (NgModule) OR `src/app/app.config.ts` (standalone) |
|
|
19
|
+
|
|
20
|
+
---
|
|
21
|
+
|
|
22
|
+
## Module Wiring
|
|
23
|
+
|
|
24
|
+
### NgModule projects
|
|
25
|
+
|
|
26
|
+
Add to `providers` in `AppModule`:
|
|
27
|
+
|
|
28
|
+
```ts
|
|
29
|
+
import { HTTP_INTERCEPTORS } from '@angular/common/http';
|
|
30
|
+
import { EncryptionInterceptor } from './core/encryption/encryption.interceptor';
|
|
31
|
+
|
|
32
|
+
providers: [
|
|
33
|
+
{
|
|
34
|
+
provide: HTTP_INTERCEPTORS,
|
|
35
|
+
useClass: EncryptionInterceptor,
|
|
36
|
+
multi: true,
|
|
37
|
+
},
|
|
38
|
+
// ENCRYPTION_INTERCEPTOR_PLACEHOLDER
|
|
39
|
+
]
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
### Standalone projects (NgModule-free, no AppModule)
|
|
43
|
+
|
|
44
|
+
`app.module.ts` does not exist. Patch `src/app/app.config.ts` instead:
|
|
45
|
+
|
|
46
|
+
```ts
|
|
47
|
+
import { provideHttpClient, withInterceptorsFromDi } from '@angular/common/http';
|
|
48
|
+
import { HTTP_INTERCEPTORS } from '@angular/common/http';
|
|
49
|
+
import { EncryptionInterceptor } from './core/encryption/encryption.interceptor';
|
|
50
|
+
// ENCRYPTION_INTERCEPTOR_PLACEHOLDER
|
|
51
|
+
|
|
52
|
+
export const appConfig: ApplicationConfig = {
|
|
53
|
+
providers: [
|
|
54
|
+
provideRouter(routes),
|
|
55
|
+
provideHttpClient(withInterceptorsFromDi()),
|
|
56
|
+
{
|
|
57
|
+
provide: HTTP_INTERCEPTORS,
|
|
58
|
+
useClass: EncryptionInterceptor,
|
|
59
|
+
multi: true,
|
|
60
|
+
},
|
|
61
|
+
]
|
|
62
|
+
};
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
The `standaloneWiringFile` field in `platform-matrix.json` controls which file is patched when `app.module.ts` is absent.
|
|
66
|
+
|
|
67
|
+
---
|
|
68
|
+
|
|
69
|
+
## Interceptor Pattern
|
|
70
|
+
|
|
71
|
+
```ts
|
|
72
|
+
@Injectable()
|
|
73
|
+
export class EncryptionInterceptor implements HttpInterceptor {
|
|
74
|
+
constructor(private encryptionService: EncryptionService) {}
|
|
75
|
+
|
|
76
|
+
intercept(req: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
|
|
77
|
+
if (!environment.encryption.enabled) return next.handle(req);
|
|
78
|
+
if (req.body instanceof FormData) return next.handle(req);
|
|
79
|
+
|
|
80
|
+
return from(this.encryptionService.encrypt(req.body as object)).pipe(
|
|
81
|
+
switchMap(encrypted => next.handle(req.clone({ body: encrypted }))),
|
|
82
|
+
catchError(() => next.handle(req))
|
|
83
|
+
);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
---
|
|
89
|
+
|
|
90
|
+
## URL Exclusion Pattern
|
|
91
|
+
|
|
92
|
+
```ts
|
|
93
|
+
const excludeUrls: string[] = environment.encryption.excludeUrls;
|
|
94
|
+
if (excludeUrls.some(prefix => req.url.startsWith(prefix))) {
|
|
95
|
+
return next.handle(req);
|
|
96
|
+
}
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
---
|
|
100
|
+
|
|
101
|
+
## Dependencies (Approach 2 or 3)
|
|
102
|
+
|
|
103
|
+
```bash
|
|
104
|
+
npm install jsencrypt crypto-js
|
|
105
|
+
npm install --save-dev @types/crypto-js
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
Approach 1 uses the browser-native `crypto.subtle` — no extra packages.
|
|
109
|
+
|
|
110
|
+
### Suppress CommonJS build warnings
|
|
111
|
+
|
|
112
|
+
`crypto-js` and `jsencrypt` are CommonJS packages. Add to `angular.json` under
|
|
113
|
+
`projects.<name>.architect.build.options`:
|
|
114
|
+
|
|
115
|
+
```json
|
|
116
|
+
"allowedCommonJsDependencies": [
|
|
117
|
+
"crypto-js",
|
|
118
|
+
"jsencrypt"
|
|
119
|
+
]
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
`install.js` reads `allowedCommonJsDependencies` from `platform-matrix.json` to know which packages to list.
|
|
123
|
+
|
|
124
|
+
---
|
|
125
|
+
|
|
126
|
+
## Build Command
|
|
127
|
+
|
|
128
|
+
```bash
|
|
129
|
+
ng build --configuration production
|
|
130
|
+
```
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
# Approach 1 — RSA-OAEP + AES-256-GCM (Web Crypto)
|
|
2
|
+
|
|
3
|
+
## Overview
|
|
4
|
+
|
|
5
|
+
Uses the browser/runtime native **Web Crypto API** (`crypto.subtle`).
|
|
6
|
+
No third-party library dependencies.
|
|
7
|
+
Platforms: `angular`, `web`, `ios` (via CryptoKit).
|
|
8
|
+
**NOT supported on**: `node`, `android`, `flutter` (use Approach 2 or 3).
|
|
9
|
+
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
## Payload Shape
|
|
13
|
+
|
|
14
|
+
```json
|
|
15
|
+
{
|
|
16
|
+
"encryptedKey": "<base64 RSA-OAEP wrapped AES key>",
|
|
17
|
+
"iv": "<base64 12-byte IV>",
|
|
18
|
+
"encryptedData": "<base64 AES-GCM ciphertext + auth tag>"
|
|
19
|
+
}
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
---
|
|
23
|
+
|
|
24
|
+
## Encryption Flow (client side)
|
|
25
|
+
|
|
26
|
+
1. Generate a one-time AES-256-GCM key: `crypto.subtle.generateKey({name:"AES-GCM",length:256}, true, ["encrypt"])`
|
|
27
|
+
2. Generate a 12-byte random IV: `crypto.getRandomValues(new Uint8Array(12))`
|
|
28
|
+
3. Encrypt the JSON body: `crypto.subtle.encrypt({name:"AES-GCM",iv}, aesKey, bodyBytes)`
|
|
29
|
+
4. Export the raw AES key: `crypto.subtle.exportKey("raw", aesKey)`
|
|
30
|
+
5. Import the server RSA public key (SPKI, SHA-256): `crypto.subtle.importKey("spki", ...)`
|
|
31
|
+
6. Wrap the AES key with RSA-OAEP: `crypto.subtle.encrypt({name:"RSA-OAEP"}, pubKey, rawAesKey)`
|
|
32
|
+
7. Base64-encode all three results and return the payload object
|
|
33
|
+
|
|
34
|
+
---
|
|
35
|
+
|
|
36
|
+
## Decryption Flow (backend — Node.js example)
|
|
37
|
+
|
|
38
|
+
```js
|
|
39
|
+
const crypto = require('crypto');
|
|
40
|
+
|
|
41
|
+
async function decryptPayload(payload, privateKeyPem) {
|
|
42
|
+
const privateKey = crypto.createPrivateKey(privateKeyPem);
|
|
43
|
+
|
|
44
|
+
const encryptedKey = Buffer.from(payload.encryptedKey, 'base64');
|
|
45
|
+
const iv = Buffer.from(payload.iv, 'base64');
|
|
46
|
+
const encryptedData = Buffer.from(payload.encryptedData, 'base64');
|
|
47
|
+
|
|
48
|
+
const aesKeyBuffer = crypto.privateDecrypt(
|
|
49
|
+
{ key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
|
|
50
|
+
encryptedKey
|
|
51
|
+
);
|
|
52
|
+
|
|
53
|
+
const aesKey = await crypto.subtle.importKey('raw', aesKeyBuffer, { name: 'AES-GCM' }, false, ['decrypt']);
|
|
54
|
+
const decrypted = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, aesKey, encryptedData);
|
|
55
|
+
return JSON.parse(Buffer.from(decrypted).toString('utf8'));
|
|
56
|
+
}
|
|
57
|
+
```
|
|
58
|
+
|
|
59
|
+
---
|
|
60
|
+
|
|
61
|
+
## iOS Mapping (CryptoKit)
|
|
62
|
+
|
|
63
|
+
- AES-256-GCM → `AES.GCM.seal(data, using: symmetricKey)`
|
|
64
|
+
- RSA-OAEP → `SecKeyCreateEncryptedData(pubKey, .rsaEncryptionOAEPSHA256, keyData, &error)`
|
|
65
|
+
- IV embedded in `AES.GCM.SealedBox.combined`
|
|
66
|
+
|
|
67
|
+
---
|
|
68
|
+
|
|
69
|
+
## Key Generation (OpenSSL)
|
|
70
|
+
|
|
71
|
+
```bash
|
|
72
|
+
# RSA-2048 key pair
|
|
73
|
+
openssl genrsa -out private.pem 2048
|
|
74
|
+
openssl rsa -in private.pem -pubout -out public.pem
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
---
|
|
78
|
+
|
|
79
|
+
## Required Config Fields
|
|
80
|
+
|
|
81
|
+
| Field | Required | Notes |
|
|
82
|
+
|---------------|----------|-------------------------------|
|
|
83
|
+
| approach | Yes | Must be `1` |
|
|
84
|
+
| publicKeyPem | Yes | SPKI PEM, whitespace removed |
|
|
85
|
+
| privateKeyPem | No | Only if response is encrypted |
|
|
86
|
+
|
|
87
|
+
---
|
|
88
|
+
|
|
89
|
+
## Platform Dependencies (install.js uses platform-matrix.json)
|
|
90
|
+
|
|
91
|
+
| Platform | Package | Notes |
|
|
92
|
+
|----------|------------------------|-------------------------------|
|
|
93
|
+
| angular | none | Uses browser `crypto.subtle` |
|
|
94
|
+
| web | none | Uses browser `crypto.subtle` |
|
|
95
|
+
| ios | CryptoKit (built-in) | Swift >= 5.4 |
|