squarefi-bff-api-module 1.12.1 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/api/issuing.js +17 -48
  2. package/dist/utils/encrypt.d.ts +3 -0
  3. package/dist/utils/encrypt.js +28 -0
  4. package/package.json +3 -2
  5. package/src/api/issuing.ts +16 -21
  6. package/src/utils/encrypt.ts +13 -0
  7. package/src/utils/common.ts +0 -42
package/dist/api/issuing.js CHANGED
@@ -1,37 +1,4 @@
1
1
  "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || (function () {
19
- var ownKeys = function(o) {
20
- ownKeys = Object.getOwnPropertyNames || function (o) {
21
- var ar = [];
22
- for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
- return ar;
24
- };
25
- return ownKeys(o);
26
- };
27
- return function (mod) {
28
- if (mod && mod.__esModule) return mod;
29
- var result = {};
30
- if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
- __setModuleDefault(result, mod);
32
- return result;
33
- };
34
- })();
35
2
  var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
36
3
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
37
4
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -41,12 +8,16 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
41
8
  step((generator = generator.apply(thisArg, _arguments || [])).next());
42
9
  });
43
10
  };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
44
14
  Object.defineProperty(exports, "__esModule", { value: true });
45
15
  exports.issuing = void 0;
16
+ const node_rsa_1 = __importDefault(require("node-rsa"));
46
17
  const apiClientFactory_1 = require("../utils/apiClientFactory");
47
18
  const constants_1 = require("../constants");
48
19
  const fiat_accounts_1 = require("./fiat_accounts");
49
- const common_1 = require("../utils/common");
20
+ const encrypt_1 = require("../utils/encrypt");
50
21
  exports.issuing = {
51
22
  cards: {
52
23
  create: {
@@ -71,28 +42,26 @@ exports.issuing = {
71
42
  encrypted: {
72
43
  secretKey: {
73
44
  get: (card_id) => __awaiter(void 0, void 0, void 0, function* () {
74
- const JSEncrypt = (yield Promise.resolve().then(() => __importStar(require('jsencrypt')))).default;
75
- const serverPublicKey = process.env.SERVER_PUBLIC_KEY_BASE64;
76
- const encrypt = new JSEncrypt();
77
- if (!serverPublicKey) {
45
+ const serverPublicKeyEnv = process.env.SERVER_PUBLIC_KEY_BASE64;
46
+ const clientRsa = new node_rsa_1.default();
47
+ if (!serverPublicKeyEnv) {
78
48
  throw new Error('SERVER_PUBLIC_KEY_BASE64 is not set');
79
49
  }
80
- const secretKey = (0, common_1.generate256bitSecretKey)();
81
- const secretKeyBase64 = (0, common_1.arrayBufferToBase64)(secretKey);
82
- const serverPublicKeyPEM = (0, common_1.decodePEMFromBase64)(serverPublicKey);
83
- encrypt.setPublicKey(serverPublicKeyPEM);
84
- const payload = {
85
- key: secretKeyBase64,
50
+ const serverPublicKey = Buffer.from(serverPublicKeyEnv, 'base64').toString('utf8');
51
+ clientRsa.importKey(serverPublicKey, 'pkcs8-public-pem');
52
+ const clientSecretKey = (0, encrypt_1.generateSecretKey)();
53
+ const clientPayload = {
54
+ key: clientSecretKey.toString('base64'),
86
55
  timestamp: Date.now(),
87
56
  };
88
- const encrypted_key = encrypt.encrypt(JSON.stringify(payload));
89
- const response = yield apiClientFactory_1.apiClientV1.postRequest(`/issuing/cards/${card_id}/sensitive/secretkey`, {
57
+ const encrypted_key = clientRsa.encrypt(JSON.stringify(clientPayload), 'base64');
58
+ const { success, encrypted, data, iv } = yield apiClientFactory_1.apiClientV1.postRequest(`/issuing/cards/${card_id}/sensitive/secretkey`, {
90
59
  data: {
91
60
  encrypted_key,
92
61
  },
93
62
  });
94
- if (response.success && response.encrypted && response.data && response.iv) {
95
- const decryptedData = yield (0, common_1.decryptSensitiveData)(response.data, response.iv, secretKey);
63
+ if (success && encrypted && data && iv) {
64
+ const decryptedData = (0, encrypt_1.decryptAESData)(data, iv, clientSecretKey);
96
65
  return decryptedData;
97
66
  }
98
67
  }),
package/dist/utils/encrypt.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import { CipherKey } from 'crypto';
2
+ export declare const generateSecretKey: () => Buffer<ArrayBufferLike>;
3
+ export declare const decryptAESData: (encryptedData: string, iv: string, secretKey: CipherKey) => Promise<any>;
package/dist/utils/encrypt.js ADDED
@@ -0,0 +1,28 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.decryptAESData = exports.generateSecretKey = void 0;
16
+ const crypto_1 = __importDefault(require("crypto"));
17
+ const generateSecretKey = () => {
18
+ const secretKey = crypto_1.default.randomBytes(32);
19
+ return secretKey;
20
+ };
21
+ exports.generateSecretKey = generateSecretKey;
22
+ const decryptAESData = (encryptedData, iv, secretKey) => __awaiter(void 0, void 0, void 0, function* () {
23
+ const decipher = crypto_1.default.createDecipheriv('aes-256-cbc', secretKey, Buffer.from(iv, 'base64'));
24
+ let decrypted = decipher.update(encryptedData, 'base64', 'utf8');
25
+ decrypted += decipher.final('utf8');
26
+ return JSON.parse(decrypted);
27
+ });
28
+ exports.decryptAESData = decryptAESData;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "squarefi-bff-api-module",
3
- "version": "1.12.1",
3
+ "version": "1.13.0",
4
4
  "description": "Squarefi BFF API client module",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -20,11 +20,12 @@
20
20
  "dependencies": {
21
21
  "@telegram-apps/sdk-react": "^3.1.2",
22
22
  "axios": "^1.6.7",
23
- "jsencrypt": "^3.3.2"
23
+ "node-rsa": "^1.1.1"
24
24
  },
25
25
  "devDependencies": {
26
26
  "@types/jest": "^29.x.x",
27
27
  "@types/node": "^20.x.x",
28
+ "@types/node-rsa": "^1.1.4",
28
29
  "jest": "^29.x.x",
29
30
  "ts-jest": "^29.x.x",
30
31
  "typescript": "^5.x.x"
package/src/api/issuing.ts CHANGED
@@ -1,15 +1,11 @@
1
1
  import { API } from './types';
2
+ import NodeRSA from 'node-rsa';
2
3
 
3
4
  import { apiClientV1 } from '../utils/apiClientFactory';
4
5
 
5
- import { defaultPaginationParams, SubAccountType } from '../constants';
6
+ import { defaultPaginationParams } from '../constants';
6
7
  import { fiat_accounts } from './fiat_accounts';
7
- import {
8
- arrayBufferToBase64,
9
- decodePEMFromBase64,
10
- decryptSensitiveData,
11
- generate256bitSecretKey,
12
- } from '../utils/common';
8
+ import { decryptAESData, generateSecretKey } from '../utils/encrypt';
13
9
 
14
10
  export const issuing = {
15
11
  cards: {
@@ -40,27 +36,25 @@ export const issuing = {
40
36
  encrypted: {
41
37
  secretKey: {
42
38
  get: async (card_id: string) => {
43
- const JSEncrypt = (await import('jsencrypt')).default;
44
- const serverPublicKey = process.env.SERVER_PUBLIC_KEY_BASE64;
45
- const encrypt = new JSEncrypt();
39
+ const serverPublicKeyEnv = process.env.SERVER_PUBLIC_KEY_BASE64;
40
+ const clientRsa = new NodeRSA();
46
41
 
47
- if (!serverPublicKey) {
42
+ if (!serverPublicKeyEnv) {
48
43
  throw new Error('SERVER_PUBLIC_KEY_BASE64 is not set');
49
44
  }
50
45
 
51
- const secretKey = generate256bitSecretKey();
52
- const secretKeyBase64 = arrayBufferToBase64(secretKey);
53
- const serverPublicKeyPEM = decodePEMFromBase64(serverPublicKey);
54
- encrypt.setPublicKey(serverPublicKeyPEM);
46
+ const serverPublicKey = Buffer.from(serverPublicKeyEnv, 'base64').toString('utf8');
47
+ clientRsa.importKey(serverPublicKey, 'pkcs8-public-pem');
55
48
 
56
- const payload = {
57
- key: secretKeyBase64,
49
+ const clientSecretKey = generateSecretKey();
50
+ const clientPayload = {
51
+ key: clientSecretKey.toString('base64'),
58
52
  timestamp: Date.now(),
59
53
  };
60
54
 
61
- const encrypted_key = encrypt.encrypt(JSON.stringify(payload));
55
+ const encrypted_key = clientRsa.encrypt(JSON.stringify(clientPayload), 'base64');
62
56
 
63
- const response = await apiClientV1.postRequest<API.Cards.SensitiveDataEncrypted>(
57
+ const { success, encrypted, data, iv } = await apiClientV1.postRequest<API.Cards.SensitiveDataEncrypted>(
64
58
  `/issuing/cards/${card_id}/sensitive/secretkey`,
65
59
  {
66
60
  data: {
@@ -68,8 +62,9 @@ export const issuing = {
68
62
  },
69
63
  }
70
64
  );
71
- if (response.success && response.encrypted && response.data && response.iv) {
72
- const decryptedData = await decryptSensitiveData(response.data, response.iv, secretKey);
65
+
66
+ if (success && encrypted && data && iv) {
67
+ const decryptedData = decryptAESData(data, iv, clientSecretKey);
73
68
 
74
69
  return decryptedData;
75
70
  }
package/src/utils/encrypt.ts ADDED
@@ -0,0 +1,13 @@
1
+ import crypto, { CipherKey } from 'crypto';
2
+
3
+ export const generateSecretKey = () => {
4
+ const secretKey = crypto.randomBytes(32);
5
+ return secretKey;
6
+ };
7
+
8
+ export const decryptAESData = async (encryptedData: string, iv: string, secretKey: CipherKey) => {
9
+ const decipher = crypto.createDecipheriv('aes-256-cbc', secretKey, Buffer.from(iv, 'base64'));
10
+ let decrypted = decipher.update(encryptedData, 'base64', 'utf8');
11
+ decrypted += decipher.final('utf8');
12
+ return JSON.parse(decrypted);
13
+ };
package/src/utils/common.ts DELETED
@@ -1,42 +0,0 @@
1
- export const generate256bitSecretKey = () => {
2
- const array = new Uint8Array(32);
3
- window.crypto.getRandomValues(array);
4
- return array;
5
- };
6
-
7
- export const arrayBufferToBase64 = (buffer: Uint8Array<ArrayBuffer>) => {
8
- return btoa(String.fromCharCode.apply(null, new Uint8Array(buffer) as any));
9
- };
10
-
11
- export const decodePEMFromBase64 = (base64EncodedPEM: string) => {
12
- return atob(base64EncodedPEM);
13
- };
14
-
15
- export const base64ToArrayBuffer = (base64: string) => {
16
- const binaryString = atob(base64);
17
- const bytes = new Uint8Array(binaryString.length);
18
- for (let i = 0; i < binaryString.length; i++) {
19
- bytes[i] = binaryString.charCodeAt(i);
20
- }
21
- return bytes.buffer;
22
- };
23
-
24
- export const decryptSensitiveData = async (encryptedData: string, iv: string, secretKey: BufferSource) => {
25
- const key = await window.crypto.subtle.importKey('raw', secretKey, { name: 'AES-CBC' }, false, ['decrypt']);
26
-
27
- const encryptedBuffer = base64ToArrayBuffer(encryptedData);
28
- const ivBuffer = base64ToArrayBuffer(iv);
29
-
30
- const decryptedBuffer = await window.crypto.subtle.decrypt(
31
- {
32
- name: 'AES-CBC',
33
- iv: ivBuffer,
34
- },
35
- key,
36
- encryptedBuffer
37
- );
38
-
39
- const decoder = new TextDecoder();
40
- const jsonText = decoder.decode(decryptedBuffer);
41
- return JSON.parse(jsonText);
42
- };