uppy-encrypt 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 0sum Co
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,71 @@
+# Uppy Encrypt
+
+An [Uppy](https://uppy.io/) Plugin to encrypt files on the browser before it's uploaded. Uppy Encrypt also comes with the ability to decrypt browser-side.
+
+Uppy Encrypt uses [libsodium.js](https://github.com/jedisct1/libsodium.js) for all the cryptographical magic.
+
+## Installation
+
+```bash
+npm i uppy-encrypt
+```
+
+## Encryption Example
+```javascript
+import { Uppy } from '@uppy/core';
+import UppyEncryptPlugin from 'uppy-encrypt';
+
+const uppy = new Uppy();
+uppy.use(UppyEncryptPlugin);
+
+// Optional: Set password manually, or disregard and a random password will be auto-generated
+// uppy.setMeta({ password: '$upers3cret!' });
+
+uppy.on('complete', async (result) => {
+  for (const file of result.successful) {
+    const salt = file.meta.encryption.salt; // Salt value used to increase security
+    const header = file.meta.encryption.header; // Header encryption data to kick off the decryption process
+    const hash = file.meta.encryption.hash; // Secure 1-way hash of the password
+    const meta = file.meta.encryption.meta;  // Encrypted file meta data (file name, type)
+    // ^ These are all safe to store in a database
+  }
+});
+```
+
+## Decryption Example
+```javascript
+import { UppyDecrypt, uppyEncryptReady } from 'uppy-encrypt';
+
+// Use the values generated from the encryption process
+// Usually, these would be stored/retrieved from a database
+const decrypt = async (hash, password, salt, header, meta, encryptedFileUrl) => {
+  // Ensure required libraries are loaded
+  await uppyEncryptReady();
+
+  // Verify provided password against the stored hash value
+  if (!UppyDecrypt.verifyPassword(hash, password)) {
+    // Invalid password
+    return;
+  }
+
+  // Decrypt Metadata
+  const decryptor = new UppyDecrypt(password, salt, header);
+  const decryptedMeta = decryptor.getDecryptedMetaData(meta.header, meta.data);
+
+  // Fetch & Decrypt the encrypted file
+  const file = await fetch(encryptedFileUrl);
+  const blob = await file.blob();
+  const decrypted = await decryptor.decryptFile(blob);
+
+  // Do something with the decrypted file, like download it
+  if (decrypted) {
+    const aElement = document.createElement('a');
+    aElement.setAttribute('download', decryptedMeta.name);
+    const href = URL.createObjectURL(decrypted);
+    aElement.href = href;
+    aElement.setAttribute('target', '_blank');
+    aElement.click();
+    URL.revokeObjectURL(href);
+  }
+}
+```

package/dist/index.d.mts

@@ -0,0 +1,57 @@
+import { Uppy, UppyFile, BasePlugin, DefaultPluginOptions } from '@uppy/core';
+
+declare class UppyEncrypt {
+    private uppy;
+    private password;
+    private salt;
+    private key;
+    private state;
+    private header;
+    private file;
+    private stream;
+    private streamController;
+    private streamCanceled;
+    private index;
+    constructor(uppy: Uppy, file: UppyFile<Record<string, unknown>, Record<string, unknown>>, password: string);
+    static generatePassword(): string;
+    encryptFile(): Promise<boolean>;
+    getEncryptedFile(): Promise<Blob>;
+    getEncryptMetaData(): {
+        header: string;
+        data: string;
+    };
+    getPasswordHash(): string;
+    getHeader(): string;
+    getSalt(): string;
+}
+
+interface DecryptedMetaData {
+    name: string;
+    type?: string;
+}
+declare class UppyDecrypt {
+    private key;
+    private state;
+    private stream;
+    private streamController;
+    private contentType;
+    private index;
+    constructor(password: string, salt: string, header: string);
+    static verifyPassword(hash: string, password: string): boolean;
+    decryptFile(file: Blob): Promise<Blob>;
+    getDecryptedMetaData(header: string, meta: string): DecryptedMetaData;
+}
+
+interface UppyEncryptPluginOptions extends DefaultPluginOptions {
+    password: string | null;
+}
+declare const uppyEncryptReady: () => Promise<void>;
+declare class UppyEncryptPlugin extends BasePlugin {
+    opts: UppyEncryptPluginOptions;
+    constructor(uppy: Uppy, opts?: UppyEncryptPluginOptions | undefined);
+    encryptFiles(fileIds: string[]): Promise<void>;
+    install(): void;
+    uninstall(): void;
+}
+
+export { type DecryptedMetaData, UppyDecrypt, UppyEncrypt, UppyEncryptPlugin, uppyEncryptReady };

package/dist/index.d.ts

@@ -0,0 +1,57 @@
+import { Uppy, UppyFile, BasePlugin, DefaultPluginOptions } from '@uppy/core';
+
+declare class UppyEncrypt {
+    private uppy;
+    private password;
+    private salt;
+    private key;
+    private state;
+    private header;
+    private file;
+    private stream;
+    private streamController;
+    private streamCanceled;
+    private index;
+    constructor(uppy: Uppy, file: UppyFile<Record<string, unknown>, Record<string, unknown>>, password: string);
+    static generatePassword(): string;
+    encryptFile(): Promise<boolean>;
+    getEncryptedFile(): Promise<Blob>;
+    getEncryptMetaData(): {
+        header: string;
+        data: string;
+    };
+    getPasswordHash(): string;
+    getHeader(): string;
+    getSalt(): string;
+}
+
+interface DecryptedMetaData {
+    name: string;
+    type?: string;
+}
+declare class UppyDecrypt {
+    private key;
+    private state;
+    private stream;
+    private streamController;
+    private contentType;
+    private index;
+    constructor(password: string, salt: string, header: string);
+    static verifyPassword(hash: string, password: string): boolean;
+    decryptFile(file: Blob): Promise<Blob>;
+    getDecryptedMetaData(header: string, meta: string): DecryptedMetaData;
+}
+
+interface UppyEncryptPluginOptions extends DefaultPluginOptions {
+    password: string | null;
+}
+declare const uppyEncryptReady: () => Promise<void>;
+declare class UppyEncryptPlugin extends BasePlugin {
+    opts: UppyEncryptPluginOptions;
+    constructor(uppy: Uppy, opts?: UppyEncryptPluginOptions | undefined);
+    encryptFiles(fileIds: string[]): Promise<void>;
+    install(): void;
+    uninstall(): void;
+}
+
+export { type DecryptedMetaData, UppyDecrypt, UppyEncrypt, UppyEncryptPlugin, uppyEncryptReady };

package/dist/index.js

@@ -0,0 +1,354 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getOwnPropSymbols = Object.getOwnPropertySymbols;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __propIsEnum = Object.prototype.propertyIsEnumerable;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __spreadValues = (a, b) => {
+  for (var prop in b || (b = {}))
+    if (__hasOwnProp.call(b, prop))
+      __defNormalProp(a, prop, b[prop]);
+  if (__getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(b)) {
+      if (__propIsEnum.call(b, prop))
+        __defNormalProp(a, prop, b[prop]);
+    }
+  return a;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __async = (__this, __arguments, generator) => {
+  return new Promise((resolve, reject) => {
+    var fulfilled = (value) => {
+      try {
+        step(generator.next(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var rejected = (value) => {
+      try {
+        step(generator.throw(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+    step((generator = generator.apply(__this, __arguments)).next());
+  });
+};
+
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  UppyDecrypt: () => UppyDecrypt,
+  UppyEncrypt: () => UppyEncrypt,
+  UppyEncryptPlugin: () => UppyEncryptPlugin,
+  uppyEncryptReady: () => uppyEncryptReady
+});
+module.exports = __toCommonJS(src_exports);
+
+// src/UppyEncrypt.ts
+var import_libsodium_wrappers_sumo = __toESM(require("libsodium-wrappers-sumo"));
+
+// src/constants.ts
+var CHUNK_SIZE = 64 * 1024 * 1024;
+var SIGNATURE = "uppyencrypt";
+
+// src/UppyEncrypt.ts
+var sodium;
+(() => __async(void 0, null, function* () {
+  yield import_libsodium_wrappers_sumo.default.ready;
+  sodium = import_libsodium_wrappers_sumo.default;
+}))();
+var UppyEncrypt = class {
+  constructor(uppy, file, password) {
+    this.streamCanceled = false;
+    this.index = 0;
+    this.uppy = uppy;
+    this.file = file;
+    this.password = password;
+    uppy.on("cancel-all", () => {
+      this.streamCanceled = true;
+    });
+    this.streamController;
+    this.stream = new ReadableStream({
+      start: (controller) => {
+        this.streamController = controller;
+      }
+    });
+    this.salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);
+    this.key = sodium.crypto_pwhash(
+      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,
+      password,
+      this.salt,
+      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,
+      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,
+      sodium.crypto_pwhash_ALG_ARGON2ID13
+    );
+    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);
+    this.state = res.state;
+    this.header = res.header;
+  }
+  /**
+   * Helper function that generate a random password
+   */
+  static generatePassword() {
+    return sodium.to_base64(sodium.randombytes_buf(16), sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+  /**
+   * Encrypts the file
+   */
+  encryptFile() {
+    return __async(this, null, function* () {
+      if (!this.streamController) {
+        throw new Error("Encryption stream does not exist");
+      }
+      while (this.index < this.file.size) {
+        if (this.streamCanceled) {
+          yield this.stream.cancel();
+          return false;
+        }
+        if (this.index === 0) {
+          this.streamController.enqueue(new Uint8Array(new TextEncoder().encode(SIGNATURE)));
+          this.streamController.enqueue(this.salt);
+          this.streamController.enqueue(this.header);
+        }
+        const tag = this.index + CHUNK_SIZE < this.file.size ? sodium.crypto_secretstream_xchacha20poly1305_TAG_MESSAGE : sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL;
+        const chunk = yield this.file.data.slice(this.index, this.index + CHUNK_SIZE).arrayBuffer();
+        const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(this.state, new Uint8Array(chunk), null, tag);
+        this.streamController.enqueue(new Uint8Array(encryptedChunk));
+        this.uppy.emit("preprocess-progress", this.file, {
+          mode: "determinate",
+          message: `Encrypting ${this.file.name}...`,
+          value: this.index / this.file.size
+        });
+        this.index += CHUNK_SIZE;
+      }
+      this.uppy.emit("preprocess-progress", this.file, {
+        mode: "determinate",
+        message: `Encrypting ${this.file.name}...`,
+        value: 1
+      });
+      this.streamController.close();
+      return true;
+    });
+  }
+  /**
+   * Creates and returns a Blob of the encrypted file
+   */
+  getEncryptedFile() {
+    return __async(this, null, function* () {
+      const response = new Response(this.stream);
+      return response.blob();
+    });
+  }
+  /**
+   * Returns an encrypted representation of the file's metadata (name, content-type)
+   * header: base64-encoded header data
+   * meta: Encrypted JSON string of the file's metadata, base64-encoded
+   */
+  getEncryptMetaData() {
+    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);
+    const metaJson = JSON.stringify({ name: this.file.meta.name, type: this.file.meta.type || null });
+    const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(
+      res.state,
+      new Uint8Array(new TextEncoder().encode(metaJson)),
+      null,
+      sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL
+    );
+    return {
+      header: sodium.to_base64(res.header, sodium.base64_variants.URLSAFE_NO_PADDING),
+      data: sodium.to_base64(encryptedChunk, sodium.base64_variants.URLSAFE_NO_PADDING)
+    };
+  }
+  /**
+   * Returns a hash of the password base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getPasswordHash() {
+    return sodium.crypto_pwhash_str(this.password, sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE, sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE);
+  }
+  /**
+   * Returns the header base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getHeader() {
+    return sodium.to_base64(this.header, sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+  /**
+   * Returns the salt base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getSalt() {
+    return sodium.to_base64(this.salt, sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+};
+
+// src/UppyDecrypt.ts
+var import_libsodium_wrappers_sumo2 = __toESM(require("libsodium-wrappers-sumo"));
+var sodium2;
+(() => __async(void 0, null, function* () {
+  yield import_libsodium_wrappers_sumo2.default.ready;
+  sodium2 = import_libsodium_wrappers_sumo2.default;
+}))();
+var UppyDecrypt = class {
+  constructor(password, salt, header) {
+    this.index = 0;
+    const saltUint = sodium2.from_base64(salt, sodium2.base64_variants.URLSAFE_NO_PADDING);
+    const headerUint = sodium2.from_base64(header, sodium2.base64_variants.URLSAFE_NO_PADDING);
+    this.streamController;
+    this.stream = new ReadableStream({
+      start: (controller) => {
+        this.streamController = controller;
+      }
+    });
+    this.contentType = "";
+    this.key = sodium2.crypto_pwhash(
+      sodium2.crypto_secretstream_xchacha20poly1305_KEYBYTES,
+      password,
+      saltUint,
+      sodium2.crypto_pwhash_OPSLIMIT_INTERACTIVE,
+      sodium2.crypto_pwhash_MEMLIMIT_INTERACTIVE,
+      sodium2.crypto_pwhash_ALG_ARGON2ID13
+    );
+    this.state = sodium2.crypto_secretstream_xchacha20poly1305_init_pull(headerUint, this.key);
+    this.index = SIGNATURE.length + saltUint.length + headerUint.length;
+  }
+  /**
+   * Validates that the provided password is correct
+   * @param hash The hash value of the password created during UppyEncrypt
+   * @param password The user-provided password
+   * @returns {bool} true if correct password
+   */
+  static verifyPassword(hash, password) {
+    return sodium2.crypto_pwhash_str_verify(hash, password);
+  }
+  /**
+   * Decrypts the provided file
+   * @param file Blob of encryptyed file
+   * @returns Decrypted file as a blob
+   */
+  decryptFile(file) {
+    return __async(this, null, function* () {
+      if (!this.streamController) {
+        throw new Error("Encryption stream does not exist");
+      }
+      while (this.index < file.size) {
+        const chunk = yield file.slice(this.index, this.index + CHUNK_SIZE + sodium2.crypto_secretstream_xchacha20poly1305_ABYTES).arrayBuffer();
+        const decryptedChunk = sodium2.crypto_secretstream_xchacha20poly1305_pull(this.state, new Uint8Array(chunk));
+        this.streamController.enqueue(decryptedChunk.message);
+        this.index += CHUNK_SIZE + sodium2.crypto_secretstream_xchacha20poly1305_ABYTES;
+      }
+      this.streamController.close();
+      const response = new Response(this.stream, { headers: { "Content-Type": this.contentType } });
+      return response.blob();
+    });
+  }
+  /**
+   *
+   * @param header Header created during encryption of the meta data
+   * @param meta Encrypted meta data string
+   * @returns object of the decrypted meta data
+   */
+  getDecryptedMetaData(header, meta) {
+    const state = sodium2.crypto_secretstream_xchacha20poly1305_init_pull(sodium2.from_base64(header, sodium2.base64_variants.URLSAFE_NO_PADDING), this.key);
+    const decryptedChunk = sodium2.crypto_secretstream_xchacha20poly1305_pull(state, sodium2.from_base64(meta, sodium2.base64_variants.URLSAFE_NO_PADDING));
+    if (!decryptedChunk)
+      throw new Error("Unable to decrypt meta data");
+    const decryptedMeta = JSON.parse(new TextDecoder().decode(decryptedChunk.message));
+    if (decryptedMeta.type)
+      this.contentType = decryptedMeta.type;
+    return decryptedMeta;
+  }
+};
+
+// src/index.ts
+var import_libsodium_wrappers_sumo3 = __toESM(require("libsodium-wrappers-sumo"));
+var import_core = require("@uppy/core");
+var sodiumIsReady = false;
+var uppyEncryptReady = () => __async(void 0, null, function* () {
+  if (!sodiumIsReady) {
+    yield import_libsodium_wrappers_sumo3.default.ready;
+    sodiumIsReady = true;
+  }
+});
+var UppyEncryptPlugin = class extends import_core.BasePlugin {
+  constructor(uppy, opts) {
+    var _a;
+    super(uppy, opts);
+    this.id = (_a = opts == null ? void 0 : opts.id) != null ? _a : "UppyEncryptPlugin";
+    this.type = "modifier";
+    const defaultOptions = {
+      password: null
+    };
+    this.opts = __spreadValues(__spreadValues({}, defaultOptions), opts);
+    this.encryptFiles = this.encryptFiles.bind(this);
+  }
+  encryptFiles(fileIds) {
+    return __async(this, null, function* () {
+      this.opts.password = this.opts.password || UppyEncrypt.generatePassword();
+      this.uppy.setMeta({ password: this.opts.password });
+      for (const fileId of fileIds) {
+        const file = this.uppy.getFile(fileId);
+        const enc = new UppyEncrypt(this.uppy, file, this.opts.password);
+        if (yield enc.encryptFile()) {
+          this.uppy.emit("preprocess-complete", file);
+          let blob = yield enc.getEncryptedFile();
+          this.uppy.setFileState(fileId, {
+            type: "application/octet-stream",
+            data: blob,
+            size: blob.size
+          });
+          this.uppy.setFileMeta(fileId, {
+            name: `${file.name}.enc`,
+            type: "application/octet-stream",
+            encryption: {
+              salt: enc.getSalt(),
+              header: enc.getHeader(),
+              hash: enc.getPasswordHash(),
+              meta: enc.getEncryptMetaData()
+            }
+          });
+        }
+      }
+    });
+  }
+  install() {
+    this.uppy.addPreProcessor(this.encryptFiles);
+  }
+  uninstall() {
+    this.uppy.removePreProcessor(this.encryptFiles);
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  UppyDecrypt,
+  UppyEncrypt,
+  UppyEncryptPlugin,
+  uppyEncryptReady
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/UppyEncrypt.ts","../src/constants.ts","../src/UppyDecrypt.ts"],"sourcesContent":["import UppyEncrypt from './UppyEncrypt';\nimport UppyDecrypt, { type DecryptedMetaData } from './UppyDecrypt';\nimport _sodium from 'libsodium-wrappers-sumo';\nimport { BasePlugin, type DefaultPluginOptions, Uppy } from '@uppy/core';\n\ninterface UppyEncryptPluginOptions extends DefaultPluginOptions {\n  password: string | null;\n}\n\n// Sodium is initialized automatically within UppyEncrypt / UppyDecrypt\n// Optionally call this to ensure initialization\nlet sodiumIsReady = false;\nexport const uppyEncryptReady = async () => {\n  if (!sodiumIsReady) {\n    await _sodium.ready;\n    sodiumIsReady = true;\n  }\n};\n\nexport class UppyEncryptPlugin extends BasePlugin {\n  opts: UppyEncryptPluginOptions;\n\n  constructor(uppy: Uppy, opts?: UppyEncryptPluginOptions | undefined) {\n    super(uppy, opts);\n    this.id = opts?.id ?? 'UppyEncryptPlugin';\n    this.type = 'modifier';\n\n    const defaultOptions = {\n      password: null,\n    };\n    this.opts = { ...defaultOptions, ...opts };\n\n    this.encryptFiles = this.encryptFiles.bind(this);\n  }\n\n  async encryptFiles(fileIds: string[]) {\n    // Generate a password here if none is already set\n    this.opts.password = this.opts.password || UppyEncrypt.generatePassword();\n\n    // Add password to meta data so it can be referenced externally\n    this.uppy.setMeta({ password: this.opts.password });\n\n    for (const fileId of fileIds) {\n      const file = this.uppy.getFile(fileId);\n      const enc = new UppyEncrypt(this.uppy, file, this.opts.password);\n      if (await enc.encryptFile()) {\n        this.uppy.emit('preprocess-complete', file);\n        let blob = await enc.getEncryptedFile();\n        this.uppy.setFileState(fileId, {\n          type: 'application/octet-stream',\n          data: blob,\n          size: blob.size,\n        });\n\n        this.uppy.setFileMeta(fileId, {\n          name: `${file.name}.enc`,\n          type: 'application/octet-stream',\n          encryption: {\n            salt: enc.getSalt(),\n            header: enc.getHeader(),\n            hash: enc.getPasswordHash(),\n            meta: enc.getEncryptMetaData(),\n          },\n        });\n      }\n    }\n  }\n\n  install() {\n    this.uppy.addPreProcessor(this.encryptFiles);\n  }\n\n  uninstall() {\n    this.uppy.removePreProcessor(this.encryptFiles);\n  }\n}\n\nexport { UppyEncrypt, UppyDecrypt, DecryptedMetaData };\n","import type { Uppy, UppyFile } from '@uppy/core';\nimport _sodium from 'libsodium-wrappers-sumo';\nimport { CHUNK_SIZE, SIGNATURE } from './constants';\n\n// Init Sodium\nlet sodium: typeof _sodium;\n(async () => {\n  await _sodium.ready;\n  sodium = _sodium;\n})();\n\nexport default class UppyEncrypt {\n  private uppy: Uppy;\n  private password: string;\n  private salt: Uint8Array;\n  private key: Uint8Array;\n  private state: _sodium.StateAddress;\n  private header: Uint8Array;\n  private file: UppyFile<Record<string, unknown>, Record<string, unknown>>;\n  private stream: ReadableStream;\n  private streamController: ReadableStreamDefaultController | undefined;\n  private streamCanceled = false;\n\n  private index = 0;\n\n  constructor(uppy: Uppy, file: UppyFile<Record<string, unknown>, Record<string, unknown>>, password: string) {\n    this.uppy = uppy;\n    this.file = file;\n    this.password = password;\n\n    // Set Uppy event handlers that effect the encryption process\n    uppy.on('cancel-all', () => {\n      this.streamCanceled = true;\n    });\n\n    this.streamController;\n    this.stream = new ReadableStream({\n      start: (controller) => {\n        this.streamController = controller;\n      },\n    });\n\n    this.salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);\n    this.key = sodium.crypto_pwhash(\n      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,\n      password,\n      this.salt,\n      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_ALG_ARGON2ID13\n    );\n\n    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);\n    this.state = res.state;\n    this.header = res.header;\n  }\n\n  /**\n   * Helper function that generate a random password\n   */\n  static generatePassword() {\n    return sodium.to_base64(sodium.randombytes_buf(16), sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n\n  /**\n   * Encrypts the file\n   */\n  async encryptFile() {\n    if (!this.streamController) {\n      throw new Error('Encryption stream does not exist');\n    }\n\n    while (this.index < this.file.size) {\n      if (this.streamCanceled) {\n        await this.stream.cancel();\n        return false;\n      }\n\n      // If first chunk\n      if (this.index === 0) {\n        this.streamController.enqueue(new Uint8Array(new TextEncoder().encode(SIGNATURE)));\n        this.streamController.enqueue(this.salt);\n        this.streamController.enqueue(this.header);\n      }\n\n      const tag =\n        this.index + CHUNK_SIZE < this.file.size\n          ? sodium.crypto_secretstream_xchacha20poly1305_TAG_MESSAGE\n          : sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL;\n\n      const chunk = await this.file.data.slice(this.index, this.index + CHUNK_SIZE).arrayBuffer();\n      const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(this.state, new Uint8Array(chunk), null, tag);\n\n      this.streamController.enqueue(new Uint8Array(encryptedChunk));\n\n      this.uppy.emit('preprocess-progress', this.file, {\n        mode: 'determinate',\n        message: `Encrypting ${this.file.name}...`,\n        value: this.index / this.file.size,\n      });\n\n      this.index += CHUNK_SIZE;\n    }\n\n    this.uppy.emit('preprocess-progress', this.file, {\n      mode: 'determinate',\n      message: `Encrypting ${this.file.name}...`,\n      value: 1,\n    });\n\n    this.streamController.close();\n\n    return true;\n  }\n\n  /**\n   * Creates and returns a Blob of the encrypted file\n   */\n  async getEncryptedFile() {\n    const response = new Response(this.stream);\n    return response.blob();\n  }\n\n  /**\n   * Returns an encrypted representation of the file's metadata (name, content-type)\n   * header: base64-encoded header data\n   * meta: Encrypted JSON string of the file's metadata, base64-encoded\n   */\n  getEncryptMetaData() {\n    // Init fresh state\n    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);\n\n    const metaJson = JSON.stringify({ name: this.file.meta.name, type: this.file.meta.type || null });\n    const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(\n      res.state,\n      new Uint8Array(new TextEncoder().encode(metaJson)),\n      null,\n      sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL\n    );\n\n    return {\n      header: sodium.to_base64(res.header, sodium.base64_variants.URLSAFE_NO_PADDING),\n      data: sodium.to_base64(encryptedChunk, sodium.base64_variants.URLSAFE_NO_PADDING),\n    };\n  }\n\n  /**\n   * Returns a hash of the password base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getPasswordHash() {\n    return sodium.crypto_pwhash_str(this.password, sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE, sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE);\n  }\n\n  /**\n   * Returns the header base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getHeader() {\n    return sodium.to_base64(this.header, sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n\n  /**\n   * Returns the salt base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getSalt() {\n    return sodium.to_base64(this.salt, sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n}\n","export const CHUNK_SIZE = 64 * 1024 * 1024;\nexport const SIGNATURE = 'uppyencrypt';\n","import _sodium from 'libsodium-wrappers-sumo';\nimport { CHUNK_SIZE, SIGNATURE } from './constants';\n\nexport interface DecryptedMetaData {\n  name: string;\n  type?: string;\n}\n\n// Init Sodium\nlet sodium: typeof _sodium;\n(async () => {\n  await _sodium.ready;\n  sodium = _sodium;\n})();\n\nexport default class UppyDecrypt {\n  private key: Uint8Array;\n  private state: _sodium.StateAddress;\n  private stream: ReadableStream;\n  private streamController: ReadableStreamDefaultController | undefined;\n  private contentType: string;\n\n  private index = 0;\n\n  constructor(password: string, salt: string, header: string) {\n    const saltUint = sodium.from_base64(salt, sodium.base64_variants.URLSAFE_NO_PADDING);\n    const headerUint = sodium.from_base64(header, sodium.base64_variants.URLSAFE_NO_PADDING);\n\n    this.streamController;\n    this.stream = new ReadableStream({\n      start: (controller) => {\n        this.streamController = controller;\n      },\n    });\n    this.contentType = ''; // Defined if/when meta-data is decrypted\n\n    this.key = sodium.crypto_pwhash(\n      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,\n      password,\n      saltUint,\n      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_ALG_ARGON2ID13\n    );\n\n    this.state = sodium.crypto_secretstream_xchacha20poly1305_init_pull(headerUint, this.key);\n\n    this.index = SIGNATURE.length + saltUint.length + headerUint.length;\n  }\n\n  /**\n   * Validates that the provided password is correct\n   * @param hash The hash value of the password created during UppyEncrypt\n   * @param password The user-provided password\n   * @returns {bool} true if correct password\n   */\n  static verifyPassword(hash: string, password: string) {\n    return sodium.crypto_pwhash_str_verify(hash, password);\n  }\n\n  /**\n   * Decrypts the provided file\n   * @param file Blob of encryptyed file\n   * @returns Decrypted file as a blob\n   */\n  async decryptFile(file: Blob) {\n    if (!this.streamController) {\n      throw new Error('Encryption stream does not exist');\n    }\n\n    while (this.index < file.size) {\n      const chunk = await file.slice(this.index, this.index + CHUNK_SIZE + sodium.crypto_secretstream_xchacha20poly1305_ABYTES).arrayBuffer();\n      const decryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_pull(this.state, new Uint8Array(chunk));\n\n      this.streamController.enqueue(decryptedChunk.message);\n\n      this.index += CHUNK_SIZE + sodium.crypto_secretstream_xchacha20poly1305_ABYTES;\n    }\n\n    this.streamController.close();\n\n    const response = new Response(this.stream, { headers: { 'Content-Type': this.contentType } });\n    return response.blob();\n  }\n\n  /**\n   *\n   * @param header Header created during encryption of the meta data\n   * @param meta Encrypted meta data string\n   * @returns object of the decrypted meta data\n   */\n  getDecryptedMetaData(header: string, meta: string) {\n    // Init fresh state\n    const state = sodium.crypto_secretstream_xchacha20poly1305_init_pull(sodium.from_base64(header, sodium.base64_variants.URLSAFE_NO_PADDING), this.key);\n    const decryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_pull(state, sodium.from_base64(meta, sodium.base64_variants.URLSAFE_NO_PADDING));\n\n    if (!decryptedChunk) throw new Error('Unable to decrypt meta data');\n    const decryptedMeta = JSON.parse(new TextDecoder().decode(decryptedChunk.message)) as DecryptedMetaData;\n    if (decryptedMeta.type) this.contentType = decryptedMeta.type;\n    return decryptedMeta;\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACCA,qCAAoB;;;ACDb,IAAM,aAAa,KAAK,OAAO;AAC/B,IAAM,YAAY;;;ADIzB,IAAI;AAAA,CACH,MAAY;AACX,QAAM,+BAAAA,QAAQ;AACd,WAAS,+BAAAA;AACX,IAAG;AAEH,IAAqB,cAArB,MAAiC;AAAA,EAc/B,YAAY,MAAY,MAAkE,UAAkB;AAJ5G,SAAQ,iBAAiB;AAEzB,SAAQ,QAAQ;AAGd,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,WAAW;AAGhB,SAAK,GAAG,cAAc,MAAM;AAC1B,WAAK,iBAAiB;AAAA,IACxB,CAAC;AAED,SAAK;AACL,SAAK,SAAS,IAAI,eAAe;AAAA,MAC/B,OAAO,CAAC,eAAe;AACrB,aAAK,mBAAmB;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,OAAO,OAAO,gBAAgB,OAAO,uBAAuB;AACjE,SAAK,MAAM,OAAO;AAAA,MAChB,OAAO;AAAA,MACP;AAAA,MACA,KAAK;AAAA,MACL,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAEA,UAAM,MAAM,OAAO,gDAAgD,KAAK,GAAG;AAC3E,SAAK,QAAQ,IAAI;AACjB,SAAK,SAAS,IAAI;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,mBAAmB;AACxB,WAAO,OAAO,UAAU,OAAO,gBAAgB,EAAE,GAAG,OAAO,gBAAgB,kBAAkB;AAAA,EAC/F;AAAA;AAAA;AAAA;AAAA,EAKM,cAAc;AAAA;AAClB,UAAI,CAAC,KAAK,kBAAkB;AAC1B,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AAEA,aAAO,KAAK,QAAQ,KAAK,KAAK,MAAM;AAClC,YAAI,KAAK,gBAAgB;AACvB,gBAAM,KAAK,OAAO,OAAO;AACzB,iBAAO;AAAA,QACT;AAGA,YAAI,KAAK,UAAU,GAAG;AACpB,eAAK,iBAAiB,QAAQ,IAAI,WAAW,IAAI,YAAY,EAAE,OAAO,SAAS,CAAC,CAAC;AACjF,eAAK,iBAAiB,QAAQ,KAAK,IAAI;AACvC,eAAK,iBAAiB,QAAQ,KAAK,MAAM;AAAA,QAC3C;AAEA,cAAM,MACJ,KAAK,QAAQ,aAAa,KAAK,KAAK,OAChC,OAAO,oDACP,OAAO;AAEb,cAAM,QAAQ,MAAM,KAAK,KAAK,KAAK,MAAM,KAAK,OAAO,KAAK,QAAQ,UAAU,EAAE,YAAY;AAC1F,cAAM,iBAAiB,OAAO,2CAA2C,KAAK,OAAO,IAAI,WAAW,KAAK,GAAG,MAAM,GAAG;AAErH,aAAK,iBAAiB,QAAQ,IAAI,WAAW,cAAc,CAAC;AAE5D,aAAK,KAAK,KAAK,uBAAuB,KAAK,MAAM;AAAA,UAC/C,MAAM;AAAA,UACN,SAAS,cAAc,KAAK,KAAK,IAAI;AAAA,UACrC,OAAO,KAAK,QAAQ,KAAK,KAAK;AAAA,QAChC,CAAC;AAED,aAAK,SAAS;AAAA,MAChB;AAEA,WAAK,KAAK,KAAK,uBAAuB,KAAK,MAAM;AAAA,QAC/C,MAAM;AAAA,QACN,SAAS,cAAc,KAAK,KAAK,IAAI;AAAA,QACrC,OAAO;AAAA,MACT,CAAC;AAED,WAAK,iBAAiB,MAAM;AAE5B,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAKM,mBAAmB;AAAA;AACvB,YAAM,WAAW,IAAI,SAAS,KAAK,MAAM;AACzC,aAAO,SAAS,KAAK;AAAA,IACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,qBAAqB;AAEnB,UAAM,MAAM,OAAO,gDAAgD,KAAK,GAAG;AAE3E,UAAM,WAAW,KAAK,UAAU,EAAE,MAAM,KAAK,KAAK,KAAK,MAAM,MAAM,KAAK,KAAK,KAAK,QAAQ,KAAK,CAAC;AAChG,UAAM,iBAAiB,OAAO;AAAA,MAC5B,IAAI;AAAA,MACJ,IAAI,WAAW,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAAA,MACjD;AAAA,MACA,OAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL,QAAQ,OAAO,UAAU,IAAI,QAAQ,OAAO,gBAAgB,kBAAkB;AAAA,MAC9E,MAAM,OAAO,UAAU,gBAAgB,OAAO,gBAAgB,kBAAkB;AAAA,IAClF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB;AAChB,WAAO,OAAO,kBAAkB,KAAK,UAAU,OAAO,oCAAoC,OAAO,kCAAkC;AAAA,EACrI;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,YAAY;AACV,WAAO,OAAO,UAAU,KAAK,QAAQ,OAAO,gBAAgB,kBAAkB;AAAA,EAChF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,UAAU;AACR,WAAO,OAAO,UAAU,KAAK,MAAM,OAAO,gBAAgB,kBAAkB;AAAA,EAC9E;AACF;;;AEzKA,IAAAC,kCAAoB;AASpB,IAAIC;AAAA,CACH,MAAY;AACX,QAAM,gCAAAC,QAAQ;AACd,EAAAD,UAAS,gCAAAC;AACX,IAAG;AAEH,IAAqB,cAArB,MAAiC;AAAA,EAS/B,YAAY,UAAkB,MAAc,QAAgB;AAF5D,SAAQ,QAAQ;AAGd,UAAM,WAAWD,QAAO,YAAY,MAAMA,QAAO,gBAAgB,kBAAkB;AACnF,UAAM,aAAaA,QAAO,YAAY,QAAQA,QAAO,gBAAgB,kBAAkB;AAEvF,SAAK;AACL,SAAK,SAAS,IAAI,eAAe;AAAA,MAC/B,OAAO,CAAC,eAAe;AACrB,aAAK,mBAAmB;AAAA,MAC1B;AAAA,IACF,CAAC;AACD,SAAK,cAAc;AAEnB,SAAK,MAAMA,QAAO;AAAA,MAChBA,QAAO;AAAA,MACP;AAAA,MACA;AAAA,MACAA,QAAO;AAAA,MACPA,QAAO;AAAA,MACPA,QAAO;AAAA,IACT;AAEA,SAAK,QAAQA,QAAO,gDAAgD,YAAY,KAAK,GAAG;AAExF,SAAK,QAAQ,UAAU,SAAS,SAAS,SAAS,WAAW;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,eAAe,MAAc,UAAkB;AACpD,WAAOA,QAAO,yBAAyB,MAAM,QAAQ;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOM,YAAY,MAAY;AAAA;AAC5B,UAAI,CAAC,KAAK,kBAAkB;AAC1B,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AAEA,aAAO,KAAK,QAAQ,KAAK,MAAM;AAC7B,cAAM,QAAQ,MAAM,KAAK,MAAM,KAAK,OAAO,KAAK,QAAQ,aAAaA,QAAO,4CAA4C,EAAE,YAAY;AACtI,cAAM,iBAAiBA,QAAO,2CAA2C,KAAK,OAAO,IAAI,WAAW,KAAK,CAAC;AAE1G,aAAK,iBAAiB,QAAQ,eAAe,OAAO;AAEpD,aAAK,SAAS,aAAaA,QAAO;AAAA,MACpC;AAEA,WAAK,iBAAiB,MAAM;AAE5B,YAAM,WAAW,IAAI,SAAS,KAAK,QAAQ,EAAE,SAAS,EAAE,gBAAgB,KAAK,YAAY,EAAE,CAAC;AAC5F,aAAO,SAAS,KAAK;AAAA,IACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,qBAAqB,QAAgB,MAAc;AAEjD,UAAM,QAAQA,QAAO,gDAAgDA,QAAO,YAAY,QAAQA,QAAO,gBAAgB,kBAAkB,GAAG,KAAK,GAAG;AACpJ,UAAM,iBAAiBA,QAAO,2CAA2C,OAAOA,QAAO,YAAY,MAAMA,QAAO,gBAAgB,kBAAkB,CAAC;AAEnJ,QAAI,CAAC;AAAgB,YAAM,IAAI,MAAM,6BAA6B;AAClE,UAAM,gBAAgB,KAAK,MAAM,IAAI,YAAY,EAAE,OAAO,eAAe,OAAO,CAAC;AACjF,QAAI,cAAc;AAAM,WAAK,cAAc,cAAc;AACzD,WAAO;AAAA,EACT;AACF;;;AHnGA,IAAAE,kCAAoB;AACpB,kBAA4D;AAQ5D,IAAI,gBAAgB;AACb,IAAM,mBAAmB,MAAY;AAC1C,MAAI,CAAC,eAAe;AAClB,UAAM,gCAAAC,QAAQ;AACd,oBAAgB;AAAA,EAClB;AACF;AAEO,IAAM,oBAAN,cAAgC,uBAAW;AAAA,EAGhD,YAAY,MAAY,MAA6C;AAtBvE;AAuBI,UAAM,MAAM,IAAI;AAChB,SAAK,MAAK,kCAAM,OAAN,YAAY;AACtB,SAAK,OAAO;AAEZ,UAAM,iBAAiB;AAAA,MACrB,UAAU;AAAA,IACZ;AACA,SAAK,OAAO,kCAAK,iBAAmB;AAEpC,SAAK,eAAe,KAAK,aAAa,KAAK,IAAI;AAAA,EACjD;AAAA,EAEM,aAAa,SAAmB;AAAA;AAEpC,WAAK,KAAK,WAAW,KAAK,KAAK,YAAY,YAAY,iBAAiB;AAGxE,WAAK,KAAK,QAAQ,EAAE,UAAU,KAAK,KAAK,SAAS,CAAC;AAElD,iBAAW,UAAU,SAAS;AAC5B,cAAM,OAAO,KAAK,KAAK,QAAQ,MAAM;AACrC,cAAM,MAAM,IAAI,YAAY,KAAK,MAAM,MAAM,KAAK,KAAK,QAAQ;AAC/D,YAAI,MAAM,IAAI,YAAY,GAAG;AAC3B,eAAK,KAAK,KAAK,uBAAuB,IAAI;AAC1C,cAAI,OAAO,MAAM,IAAI,iBAAiB;AACtC,eAAK,KAAK,aAAa,QAAQ;AAAA,YAC7B,MAAM;AAAA,YACN,MAAM;AAAA,YACN,MAAM,KAAK;AAAA,UACb,CAAC;AAED,eAAK,KAAK,YAAY,QAAQ;AAAA,YAC5B,MAAM,GAAG,KAAK,IAAI;AAAA,YAClB,MAAM;AAAA,YACN,YAAY;AAAA,cACV,MAAM,IAAI,QAAQ;AAAA,cAClB,QAAQ,IAAI,UAAU;AAAA,cACtB,MAAM,IAAI,gBAAgB;AAAA,cAC1B,MAAM,IAAI,mBAAmB;AAAA,YAC/B;AAAA,UACF,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA;AAAA,EAEA,UAAU;AACR,SAAK,KAAK,gBAAgB,KAAK,YAAY;AAAA,EAC7C;AAAA,EAEA,YAAY;AACV,SAAK,KAAK,mBAAmB,KAAK,YAAY;AAAA,EAChD;AACF;","names":["_sodium","import_libsodium_wrappers_sumo","sodium","_sodium","import_libsodium_wrappers_sumo","_sodium"]}

package/dist/index.mjs

@@ -0,0 +1,317 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropSymbols = Object.getOwnPropertySymbols;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __propIsEnum = Object.prototype.propertyIsEnumerable;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __spreadValues = (a, b) => {
+  for (var prop in b || (b = {}))
+    if (__hasOwnProp.call(b, prop))
+      __defNormalProp(a, prop, b[prop]);
+  if (__getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(b)) {
+      if (__propIsEnum.call(b, prop))
+        __defNormalProp(a, prop, b[prop]);
+    }
+  return a;
+};
+var __async = (__this, __arguments, generator) => {
+  return new Promise((resolve, reject) => {
+    var fulfilled = (value) => {
+      try {
+        step(generator.next(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var rejected = (value) => {
+      try {
+        step(generator.throw(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+    step((generator = generator.apply(__this, __arguments)).next());
+  });
+};
+
+// src/UppyEncrypt.ts
+import _sodium from "libsodium-wrappers-sumo";
+
+// src/constants.ts
+var CHUNK_SIZE = 64 * 1024 * 1024;
+var SIGNATURE = "uppyencrypt";
+
+// src/UppyEncrypt.ts
+var sodium;
+(() => __async(void 0, null, function* () {
+  yield _sodium.ready;
+  sodium = _sodium;
+}))();
+var UppyEncrypt = class {
+  constructor(uppy, file, password) {
+    this.streamCanceled = false;
+    this.index = 0;
+    this.uppy = uppy;
+    this.file = file;
+    this.password = password;
+    uppy.on("cancel-all", () => {
+      this.streamCanceled = true;
+    });
+    this.streamController;
+    this.stream = new ReadableStream({
+      start: (controller) => {
+        this.streamController = controller;
+      }
+    });
+    this.salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);
+    this.key = sodium.crypto_pwhash(
+      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,
+      password,
+      this.salt,
+      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,
+      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,
+      sodium.crypto_pwhash_ALG_ARGON2ID13
+    );
+    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);
+    this.state = res.state;
+    this.header = res.header;
+  }
+  /**
+   * Helper function that generate a random password
+   */
+  static generatePassword() {
+    return sodium.to_base64(sodium.randombytes_buf(16), sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+  /**
+   * Encrypts the file
+   */
+  encryptFile() {
+    return __async(this, null, function* () {
+      if (!this.streamController) {
+        throw new Error("Encryption stream does not exist");
+      }
+      while (this.index < this.file.size) {
+        if (this.streamCanceled) {
+          yield this.stream.cancel();
+          return false;
+        }
+        if (this.index === 0) {
+          this.streamController.enqueue(new Uint8Array(new TextEncoder().encode(SIGNATURE)));
+          this.streamController.enqueue(this.salt);
+          this.streamController.enqueue(this.header);
+        }
+        const tag = this.index + CHUNK_SIZE < this.file.size ? sodium.crypto_secretstream_xchacha20poly1305_TAG_MESSAGE : sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL;
+        const chunk = yield this.file.data.slice(this.index, this.index + CHUNK_SIZE).arrayBuffer();
+        const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(this.state, new Uint8Array(chunk), null, tag);
+        this.streamController.enqueue(new Uint8Array(encryptedChunk));
+        this.uppy.emit("preprocess-progress", this.file, {
+          mode: "determinate",
+          message: `Encrypting ${this.file.name}...`,
+          value: this.index / this.file.size
+        });
+        this.index += CHUNK_SIZE;
+      }
+      this.uppy.emit("preprocess-progress", this.file, {
+        mode: "determinate",
+        message: `Encrypting ${this.file.name}...`,
+        value: 1
+      });
+      this.streamController.close();
+      return true;
+    });
+  }
+  /**
+   * Creates and returns a Blob of the encrypted file
+   */
+  getEncryptedFile() {
+    return __async(this, null, function* () {
+      const response = new Response(this.stream);
+      return response.blob();
+    });
+  }
+  /**
+   * Returns an encrypted representation of the file's metadata (name, content-type)
+   * header: base64-encoded header data
+   * meta: Encrypted JSON string of the file's metadata, base64-encoded
+   */
+  getEncryptMetaData() {
+    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);
+    const metaJson = JSON.stringify({ name: this.file.meta.name, type: this.file.meta.type || null });
+    const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(
+      res.state,
+      new Uint8Array(new TextEncoder().encode(metaJson)),
+      null,
+      sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL
+    );
+    return {
+      header: sodium.to_base64(res.header, sodium.base64_variants.URLSAFE_NO_PADDING),
+      data: sodium.to_base64(encryptedChunk, sodium.base64_variants.URLSAFE_NO_PADDING)
+    };
+  }
+  /**
+   * Returns a hash of the password base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getPasswordHash() {
+    return sodium.crypto_pwhash_str(this.password, sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE, sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE);
+  }
+  /**
+   * Returns the header base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getHeader() {
+    return sodium.to_base64(this.header, sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+  /**
+   * Returns the salt base64-encoded
+   * This data is safe to store in a database, etc
+   */
+  getSalt() {
+    return sodium.to_base64(this.salt, sodium.base64_variants.URLSAFE_NO_PADDING);
+  }
+};
+
+// src/UppyDecrypt.ts
+import _sodium2 from "libsodium-wrappers-sumo";
+var sodium2;
+(() => __async(void 0, null, function* () {
+  yield _sodium2.ready;
+  sodium2 = _sodium2;
+}))();
+var UppyDecrypt = class {
+  constructor(password, salt, header) {
+    this.index = 0;
+    const saltUint = sodium2.from_base64(salt, sodium2.base64_variants.URLSAFE_NO_PADDING);
+    const headerUint = sodium2.from_base64(header, sodium2.base64_variants.URLSAFE_NO_PADDING);
+    this.streamController;
+    this.stream = new ReadableStream({
+      start: (controller) => {
+        this.streamController = controller;
+      }
+    });
+    this.contentType = "";
+    this.key = sodium2.crypto_pwhash(
+      sodium2.crypto_secretstream_xchacha20poly1305_KEYBYTES,
+      password,
+      saltUint,
+      sodium2.crypto_pwhash_OPSLIMIT_INTERACTIVE,
+      sodium2.crypto_pwhash_MEMLIMIT_INTERACTIVE,
+      sodium2.crypto_pwhash_ALG_ARGON2ID13
+    );
+    this.state = sodium2.crypto_secretstream_xchacha20poly1305_init_pull(headerUint, this.key);
+    this.index = SIGNATURE.length + saltUint.length + headerUint.length;
+  }
+  /**
+   * Validates that the provided password is correct
+   * @param hash The hash value of the password created during UppyEncrypt
+   * @param password The user-provided password
+   * @returns {bool} true if correct password
+   */
+  static verifyPassword(hash, password) {
+    return sodium2.crypto_pwhash_str_verify(hash, password);
+  }
+  /**
+   * Decrypts the provided file
+   * @param file Blob of encryptyed file
+   * @returns Decrypted file as a blob
+   */
+  decryptFile(file) {
+    return __async(this, null, function* () {
+      if (!this.streamController) {
+        throw new Error("Encryption stream does not exist");
+      }
+      while (this.index < file.size) {
+        const chunk = yield file.slice(this.index, this.index + CHUNK_SIZE + sodium2.crypto_secretstream_xchacha20poly1305_ABYTES).arrayBuffer();
+        const decryptedChunk = sodium2.crypto_secretstream_xchacha20poly1305_pull(this.state, new Uint8Array(chunk));
+        this.streamController.enqueue(decryptedChunk.message);
+        this.index += CHUNK_SIZE + sodium2.crypto_secretstream_xchacha20poly1305_ABYTES;
+      }
+      this.streamController.close();
+      const response = new Response(this.stream, { headers: { "Content-Type": this.contentType } });
+      return response.blob();
+    });
+  }
+  /**
+   *
+   * @param header Header created during encryption of the meta data
+   * @param meta Encrypted meta data string
+   * @returns object of the decrypted meta data
+   */
+  getDecryptedMetaData(header, meta) {
+    const state = sodium2.crypto_secretstream_xchacha20poly1305_init_pull(sodium2.from_base64(header, sodium2.base64_variants.URLSAFE_NO_PADDING), this.key);
+    const decryptedChunk = sodium2.crypto_secretstream_xchacha20poly1305_pull(state, sodium2.from_base64(meta, sodium2.base64_variants.URLSAFE_NO_PADDING));
+    if (!decryptedChunk)
+      throw new Error("Unable to decrypt meta data");
+    const decryptedMeta = JSON.parse(new TextDecoder().decode(decryptedChunk.message));
+    if (decryptedMeta.type)
+      this.contentType = decryptedMeta.type;
+    return decryptedMeta;
+  }
+};
+
+// src/index.ts
+import _sodium3 from "libsodium-wrappers-sumo";
+import { BasePlugin } from "@uppy/core";
+var sodiumIsReady = false;
+var uppyEncryptReady = () => __async(void 0, null, function* () {
+  if (!sodiumIsReady) {
+    yield _sodium3.ready;
+    sodiumIsReady = true;
+  }
+});
+var UppyEncryptPlugin = class extends BasePlugin {
+  constructor(uppy, opts) {
+    var _a;
+    super(uppy, opts);
+    this.id = (_a = opts == null ? void 0 : opts.id) != null ? _a : "UppyEncryptPlugin";
+    this.type = "modifier";
+    const defaultOptions = {
+      password: null
+    };
+    this.opts = __spreadValues(__spreadValues({}, defaultOptions), opts);
+    this.encryptFiles = this.encryptFiles.bind(this);
+  }
+  encryptFiles(fileIds) {
+    return __async(this, null, function* () {
+      this.opts.password = this.opts.password || UppyEncrypt.generatePassword();
+      this.uppy.setMeta({ password: this.opts.password });
+      for (const fileId of fileIds) {
+        const file = this.uppy.getFile(fileId);
+        const enc = new UppyEncrypt(this.uppy, file, this.opts.password);
+        if (yield enc.encryptFile()) {
+          this.uppy.emit("preprocess-complete", file);
+          let blob = yield enc.getEncryptedFile();
+          this.uppy.setFileState(fileId, {
+            type: "application/octet-stream",
+            data: blob,
+            size: blob.size
+          });
+          this.uppy.setFileMeta(fileId, {
+            name: `${file.name}.enc`,
+            type: "application/octet-stream",
+            encryption: {
+              salt: enc.getSalt(),
+              header: enc.getHeader(),
+              hash: enc.getPasswordHash(),
+              meta: enc.getEncryptMetaData()
+            }
+          });
+        }
+      }
+    });
+  }
+  install() {
+    this.uppy.addPreProcessor(this.encryptFiles);
+  }
+  uninstall() {
+    this.uppy.removePreProcessor(this.encryptFiles);
+  }
+};
+export {
+  UppyDecrypt,
+  UppyEncrypt,
+  UppyEncryptPlugin,
+  uppyEncryptReady
+};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/UppyEncrypt.ts","../src/constants.ts","../src/UppyDecrypt.ts","../src/index.ts"],"sourcesContent":["import type { Uppy, UppyFile } from '@uppy/core';\nimport _sodium from 'libsodium-wrappers-sumo';\nimport { CHUNK_SIZE, SIGNATURE } from './constants';\n\n// Init Sodium\nlet sodium: typeof _sodium;\n(async () => {\n  await _sodium.ready;\n  sodium = _sodium;\n})();\n\nexport default class UppyEncrypt {\n  private uppy: Uppy;\n  private password: string;\n  private salt: Uint8Array;\n  private key: Uint8Array;\n  private state: _sodium.StateAddress;\n  private header: Uint8Array;\n  private file: UppyFile<Record<string, unknown>, Record<string, unknown>>;\n  private stream: ReadableStream;\n  private streamController: ReadableStreamDefaultController | undefined;\n  private streamCanceled = false;\n\n  private index = 0;\n\n  constructor(uppy: Uppy, file: UppyFile<Record<string, unknown>, Record<string, unknown>>, password: string) {\n    this.uppy = uppy;\n    this.file = file;\n    this.password = password;\n\n    // Set Uppy event handlers that effect the encryption process\n    uppy.on('cancel-all', () => {\n      this.streamCanceled = true;\n    });\n\n    this.streamController;\n    this.stream = new ReadableStream({\n      start: (controller) => {\n        this.streamController = controller;\n      },\n    });\n\n    this.salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);\n    this.key = sodium.crypto_pwhash(\n      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,\n      password,\n      this.salt,\n      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_ALG_ARGON2ID13\n    );\n\n    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);\n    this.state = res.state;\n    this.header = res.header;\n  }\n\n  /**\n   * Helper function that generate a random password\n   */\n  static generatePassword() {\n    return sodium.to_base64(sodium.randombytes_buf(16), sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n\n  /**\n   * Encrypts the file\n   */\n  async encryptFile() {\n    if (!this.streamController) {\n      throw new Error('Encryption stream does not exist');\n    }\n\n    while (this.index < this.file.size) {\n      if (this.streamCanceled) {\n        await this.stream.cancel();\n        return false;\n      }\n\n      // If first chunk\n      if (this.index === 0) {\n        this.streamController.enqueue(new Uint8Array(new TextEncoder().encode(SIGNATURE)));\n        this.streamController.enqueue(this.salt);\n        this.streamController.enqueue(this.header);\n      }\n\n      const tag =\n        this.index + CHUNK_SIZE < this.file.size\n          ? sodium.crypto_secretstream_xchacha20poly1305_TAG_MESSAGE\n          : sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL;\n\n      const chunk = await this.file.data.slice(this.index, this.index + CHUNK_SIZE).arrayBuffer();\n      const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(this.state, new Uint8Array(chunk), null, tag);\n\n      this.streamController.enqueue(new Uint8Array(encryptedChunk));\n\n      this.uppy.emit('preprocess-progress', this.file, {\n        mode: 'determinate',\n        message: `Encrypting ${this.file.name}...`,\n        value: this.index / this.file.size,\n      });\n\n      this.index += CHUNK_SIZE;\n    }\n\n    this.uppy.emit('preprocess-progress', this.file, {\n      mode: 'determinate',\n      message: `Encrypting ${this.file.name}...`,\n      value: 1,\n    });\n\n    this.streamController.close();\n\n    return true;\n  }\n\n  /**\n   * Creates and returns a Blob of the encrypted file\n   */\n  async getEncryptedFile() {\n    const response = new Response(this.stream);\n    return response.blob();\n  }\n\n  /**\n   * Returns an encrypted representation of the file's metadata (name, content-type)\n   * header: base64-encoded header data\n   * meta: Encrypted JSON string of the file's metadata, base64-encoded\n   */\n  getEncryptMetaData() {\n    // Init fresh state\n    const res = sodium.crypto_secretstream_xchacha20poly1305_init_push(this.key);\n\n    const metaJson = JSON.stringify({ name: this.file.meta.name, type: this.file.meta.type || null });\n    const encryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_push(\n      res.state,\n      new Uint8Array(new TextEncoder().encode(metaJson)),\n      null,\n      sodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL\n    );\n\n    return {\n      header: sodium.to_base64(res.header, sodium.base64_variants.URLSAFE_NO_PADDING),\n      data: sodium.to_base64(encryptedChunk, sodium.base64_variants.URLSAFE_NO_PADDING),\n    };\n  }\n\n  /**\n   * Returns a hash of the password base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getPasswordHash() {\n    return sodium.crypto_pwhash_str(this.password, sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE, sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE);\n  }\n\n  /**\n   * Returns the header base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getHeader() {\n    return sodium.to_base64(this.header, sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n\n  /**\n   * Returns the salt base64-encoded\n   * This data is safe to store in a database, etc\n   */\n  getSalt() {\n    return sodium.to_base64(this.salt, sodium.base64_variants.URLSAFE_NO_PADDING);\n  }\n}\n","export const CHUNK_SIZE = 64 * 1024 * 1024;\nexport const SIGNATURE = 'uppyencrypt';\n","import _sodium from 'libsodium-wrappers-sumo';\nimport { CHUNK_SIZE, SIGNATURE } from './constants';\n\nexport interface DecryptedMetaData {\n  name: string;\n  type?: string;\n}\n\n// Init Sodium\nlet sodium: typeof _sodium;\n(async () => {\n  await _sodium.ready;\n  sodium = _sodium;\n})();\n\nexport default class UppyDecrypt {\n  private key: Uint8Array;\n  private state: _sodium.StateAddress;\n  private stream: ReadableStream;\n  private streamController: ReadableStreamDefaultController | undefined;\n  private contentType: string;\n\n  private index = 0;\n\n  constructor(password: string, salt: string, header: string) {\n    const saltUint = sodium.from_base64(salt, sodium.base64_variants.URLSAFE_NO_PADDING);\n    const headerUint = sodium.from_base64(header, sodium.base64_variants.URLSAFE_NO_PADDING);\n\n    this.streamController;\n    this.stream = new ReadableStream({\n      start: (controller) => {\n        this.streamController = controller;\n      },\n    });\n    this.contentType = ''; // Defined if/when meta-data is decrypted\n\n    this.key = sodium.crypto_pwhash(\n      sodium.crypto_secretstream_xchacha20poly1305_KEYBYTES,\n      password,\n      saltUint,\n      sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,\n      sodium.crypto_pwhash_ALG_ARGON2ID13\n    );\n\n    this.state = sodium.crypto_secretstream_xchacha20poly1305_init_pull(headerUint, this.key);\n\n    this.index = SIGNATURE.length + saltUint.length + headerUint.length;\n  }\n\n  /**\n   * Validates that the provided password is correct\n   * @param hash The hash value of the password created during UppyEncrypt\n   * @param password The user-provided password\n   * @returns {bool} true if correct password\n   */\n  static verifyPassword(hash: string, password: string) {\n    return sodium.crypto_pwhash_str_verify(hash, password);\n  }\n\n  /**\n   * Decrypts the provided file\n   * @param file Blob of encryptyed file\n   * @returns Decrypted file as a blob\n   */\n  async decryptFile(file: Blob) {\n    if (!this.streamController) {\n      throw new Error('Encryption stream does not exist');\n    }\n\n    while (this.index < file.size) {\n      const chunk = await file.slice(this.index, this.index + CHUNK_SIZE + sodium.crypto_secretstream_xchacha20poly1305_ABYTES).arrayBuffer();\n      const decryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_pull(this.state, new Uint8Array(chunk));\n\n      this.streamController.enqueue(decryptedChunk.message);\n\n      this.index += CHUNK_SIZE + sodium.crypto_secretstream_xchacha20poly1305_ABYTES;\n    }\n\n    this.streamController.close();\n\n    const response = new Response(this.stream, { headers: { 'Content-Type': this.contentType } });\n    return response.blob();\n  }\n\n  /**\n   *\n   * @param header Header created during encryption of the meta data\n   * @param meta Encrypted meta data string\n   * @returns object of the decrypted meta data\n   */\n  getDecryptedMetaData(header: string, meta: string) {\n    // Init fresh state\n    const state = sodium.crypto_secretstream_xchacha20poly1305_init_pull(sodium.from_base64(header, sodium.base64_variants.URLSAFE_NO_PADDING), this.key);\n    const decryptedChunk = sodium.crypto_secretstream_xchacha20poly1305_pull(state, sodium.from_base64(meta, sodium.base64_variants.URLSAFE_NO_PADDING));\n\n    if (!decryptedChunk) throw new Error('Unable to decrypt meta data');\n    const decryptedMeta = JSON.parse(new TextDecoder().decode(decryptedChunk.message)) as DecryptedMetaData;\n    if (decryptedMeta.type) this.contentType = decryptedMeta.type;\n    return decryptedMeta;\n  }\n}\n","import UppyEncrypt from './UppyEncrypt';\nimport UppyDecrypt, { type DecryptedMetaData } from './UppyDecrypt';\nimport _sodium from 'libsodium-wrappers-sumo';\nimport { BasePlugin, type DefaultPluginOptions, Uppy } from '@uppy/core';\n\ninterface UppyEncryptPluginOptions extends DefaultPluginOptions {\n  password: string | null;\n}\n\n// Sodium is initialized automatically within UppyEncrypt / UppyDecrypt\n// Optionally call this to ensure initialization\nlet sodiumIsReady = false;\nexport const uppyEncryptReady = async () => {\n  if (!sodiumIsReady) {\n    await _sodium.ready;\n    sodiumIsReady = true;\n  }\n};\n\nexport class UppyEncryptPlugin extends BasePlugin {\n  opts: UppyEncryptPluginOptions;\n\n  constructor(uppy: Uppy, opts?: UppyEncryptPluginOptions | undefined) {\n    super(uppy, opts);\n    this.id = opts?.id ?? 'UppyEncryptPlugin';\n    this.type = 'modifier';\n\n    const defaultOptions = {\n      password: null,\n    };\n    this.opts = { ...defaultOptions, ...opts };\n\n    this.encryptFiles = this.encryptFiles.bind(this);\n  }\n\n  async encryptFiles(fileIds: string[]) {\n    // Generate a password here if none is already set\n    this.opts.password = this.opts.password || UppyEncrypt.generatePassword();\n\n    // Add password to meta data so it can be referenced externally\n    this.uppy.setMeta({ password: this.opts.password });\n\n    for (const fileId of fileIds) {\n      const file = this.uppy.getFile(fileId);\n      const enc = new UppyEncrypt(this.uppy, file, this.opts.password);\n      if (await enc.encryptFile()) {\n        this.uppy.emit('preprocess-complete', file);\n        let blob = await enc.getEncryptedFile();\n        this.uppy.setFileState(fileId, {\n          type: 'application/octet-stream',\n          data: blob,\n          size: blob.size,\n        });\n\n        this.uppy.setFileMeta(fileId, {\n          name: `${file.name}.enc`,\n          type: 'application/octet-stream',\n          encryption: {\n            salt: enc.getSalt(),\n            header: enc.getHeader(),\n            hash: enc.getPasswordHash(),\n            meta: enc.getEncryptMetaData(),\n          },\n        });\n      }\n    }\n  }\n\n  install() {\n    this.uppy.addPreProcessor(this.encryptFiles);\n  }\n\n  uninstall() {\n    this.uppy.removePreProcessor(this.encryptFiles);\n  }\n}\n\nexport { UppyEncrypt, UppyDecrypt, DecryptedMetaData };\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,OAAO,aAAa;;;ACDb,IAAM,aAAa,KAAK,OAAO;AAC/B,IAAM,YAAY;;;ADIzB,IAAI;AAAA,CACH,MAAY;AACX,QAAM,QAAQ;AACd,WAAS;AACX,IAAG;AAEH,IAAqB,cAArB,MAAiC;AAAA,EAc/B,YAAY,MAAY,MAAkE,UAAkB;AAJ5G,SAAQ,iBAAiB;AAEzB,SAAQ,QAAQ;AAGd,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,WAAW;AAGhB,SAAK,GAAG,cAAc,MAAM;AAC1B,WAAK,iBAAiB;AAAA,IACxB,CAAC;AAED,SAAK;AACL,SAAK,SAAS,IAAI,eAAe;AAAA,MAC/B,OAAO,CAAC,eAAe;AACrB,aAAK,mBAAmB;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,OAAO,OAAO,gBAAgB,OAAO,uBAAuB;AACjE,SAAK,MAAM,OAAO;AAAA,MAChB,OAAO;AAAA,MACP;AAAA,MACA,KAAK;AAAA,MACL,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAEA,UAAM,MAAM,OAAO,gDAAgD,KAAK,GAAG;AAC3E,SAAK,QAAQ,IAAI;AACjB,SAAK,SAAS,IAAI;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,mBAAmB;AACxB,WAAO,OAAO,UAAU,OAAO,gBAAgB,EAAE,GAAG,OAAO,gBAAgB,kBAAkB;AAAA,EAC/F;AAAA;AAAA;AAAA;AAAA,EAKM,cAAc;AAAA;AAClB,UAAI,CAAC,KAAK,kBAAkB;AAC1B,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AAEA,aAAO,KAAK,QAAQ,KAAK,KAAK,MAAM;AAClC,YAAI,KAAK,gBAAgB;AACvB,gBAAM,KAAK,OAAO,OAAO;AACzB,iBAAO;AAAA,QACT;AAGA,YAAI,KAAK,UAAU,GAAG;AACpB,eAAK,iBAAiB,QAAQ,IAAI,WAAW,IAAI,YAAY,EAAE,OAAO,SAAS,CAAC,CAAC;AACjF,eAAK,iBAAiB,QAAQ,KAAK,IAAI;AACvC,eAAK,iBAAiB,QAAQ,KAAK,MAAM;AAAA,QAC3C;AAEA,cAAM,MACJ,KAAK,QAAQ,aAAa,KAAK,KAAK,OAChC,OAAO,oDACP,OAAO;AAEb,cAAM,QAAQ,MAAM,KAAK,KAAK,KAAK,MAAM,KAAK,OAAO,KAAK,QAAQ,UAAU,EAAE,YAAY;AAC1F,cAAM,iBAAiB,OAAO,2CAA2C,KAAK,OAAO,IAAI,WAAW,KAAK,GAAG,MAAM,GAAG;AAErH,aAAK,iBAAiB,QAAQ,IAAI,WAAW,cAAc,CAAC;AAE5D,aAAK,KAAK,KAAK,uBAAuB,KAAK,MAAM;AAAA,UAC/C,MAAM;AAAA,UACN,SAAS,cAAc,KAAK,KAAK,IAAI;AAAA,UACrC,OAAO,KAAK,QAAQ,KAAK,KAAK;AAAA,QAChC,CAAC;AAED,aAAK,SAAS;AAAA,MAChB;AAEA,WAAK,KAAK,KAAK,uBAAuB,KAAK,MAAM;AAAA,QAC/C,MAAM;AAAA,QACN,SAAS,cAAc,KAAK,KAAK,IAAI;AAAA,QACrC,OAAO;AAAA,MACT,CAAC;AAED,WAAK,iBAAiB,MAAM;AAE5B,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAKM,mBAAmB;AAAA;AACvB,YAAM,WAAW,IAAI,SAAS,KAAK,MAAM;AACzC,aAAO,SAAS,KAAK;AAAA,IACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,qBAAqB;AAEnB,UAAM,MAAM,OAAO,gDAAgD,KAAK,GAAG;AAE3E,UAAM,WAAW,KAAK,UAAU,EAAE,MAAM,KAAK,KAAK,KAAK,MAAM,MAAM,KAAK,KAAK,KAAK,QAAQ,KAAK,CAAC;AAChG,UAAM,iBAAiB,OAAO;AAAA,MAC5B,IAAI;AAAA,MACJ,IAAI,WAAW,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAAA,MACjD;AAAA,MACA,OAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL,QAAQ,OAAO,UAAU,IAAI,QAAQ,OAAO,gBAAgB,kBAAkB;AAAA,MAC9E,MAAM,OAAO,UAAU,gBAAgB,OAAO,gBAAgB,kBAAkB;AAAA,IAClF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB;AAChB,WAAO,OAAO,kBAAkB,KAAK,UAAU,OAAO,oCAAoC,OAAO,kCAAkC;AAAA,EACrI;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,YAAY;AACV,WAAO,OAAO,UAAU,KAAK,QAAQ,OAAO,gBAAgB,kBAAkB;AAAA,EAChF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,UAAU;AACR,WAAO,OAAO,UAAU,KAAK,MAAM,OAAO,gBAAgB,kBAAkB;AAAA,EAC9E;AACF;;;AEzKA,OAAOA,cAAa;AASpB,IAAIC;AAAA,CACH,MAAY;AACX,QAAMC,SAAQ;AACd,EAAAD,UAASC;AACX,IAAG;AAEH,IAAqB,cAArB,MAAiC;AAAA,EAS/B,YAAY,UAAkB,MAAc,QAAgB;AAF5D,SAAQ,QAAQ;AAGd,UAAM,WAAWD,QAAO,YAAY,MAAMA,QAAO,gBAAgB,kBAAkB;AACnF,UAAM,aAAaA,QAAO,YAAY,QAAQA,QAAO,gBAAgB,kBAAkB;AAEvF,SAAK;AACL,SAAK,SAAS,IAAI,eAAe;AAAA,MAC/B,OAAO,CAAC,eAAe;AACrB,aAAK,mBAAmB;AAAA,MAC1B;AAAA,IACF,CAAC;AACD,SAAK,cAAc;AAEnB,SAAK,MAAMA,QAAO;AAAA,MAChBA,QAAO;AAAA,MACP;AAAA,MACA;AAAA,MACAA,QAAO;AAAA,MACPA,QAAO;AAAA,MACPA,QAAO;AAAA,IACT;AAEA,SAAK,QAAQA,QAAO,gDAAgD,YAAY,KAAK,GAAG;AAExF,SAAK,QAAQ,UAAU,SAAS,SAAS,SAAS,WAAW;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,eAAe,MAAc,UAAkB;AACpD,WAAOA,QAAO,yBAAyB,MAAM,QAAQ;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOM,YAAY,MAAY;AAAA;AAC5B,UAAI,CAAC,KAAK,kBAAkB;AAC1B,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AAEA,aAAO,KAAK,QAAQ,KAAK,MAAM;AAC7B,cAAM,QAAQ,MAAM,KAAK,MAAM,KAAK,OAAO,KAAK,QAAQ,aAAaA,QAAO,4CAA4C,EAAE,YAAY;AACtI,cAAM,iBAAiBA,QAAO,2CAA2C,KAAK,OAAO,IAAI,WAAW,KAAK,CAAC;AAE1G,aAAK,iBAAiB,QAAQ,eAAe,OAAO;AAEpD,aAAK,SAAS,aAAaA,QAAO;AAAA,MACpC;AAEA,WAAK,iBAAiB,MAAM;AAE5B,YAAM,WAAW,IAAI,SAAS,KAAK,QAAQ,EAAE,SAAS,EAAE,gBAAgB,KAAK,YAAY,EAAE,CAAC;AAC5F,aAAO,SAAS,KAAK;AAAA,IACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,qBAAqB,QAAgB,MAAc;AAEjD,UAAM,QAAQA,QAAO,gDAAgDA,QAAO,YAAY,QAAQA,QAAO,gBAAgB,kBAAkB,GAAG,KAAK,GAAG;AACpJ,UAAM,iBAAiBA,QAAO,2CAA2C,OAAOA,QAAO,YAAY,MAAMA,QAAO,gBAAgB,kBAAkB,CAAC;AAEnJ,QAAI,CAAC;AAAgB,YAAM,IAAI,MAAM,6BAA6B;AAClE,UAAM,gBAAgB,KAAK,MAAM,IAAI,YAAY,EAAE,OAAO,eAAe,OAAO,CAAC;AACjF,QAAI,cAAc;AAAM,WAAK,cAAc,cAAc;AACzD,WAAO;AAAA,EACT;AACF;;;ACnGA,OAAOE,cAAa;AACpB,SAAS,kBAAmD;AAQ5D,IAAI,gBAAgB;AACb,IAAM,mBAAmB,MAAY;AAC1C,MAAI,CAAC,eAAe;AAClB,UAAMC,SAAQ;AACd,oBAAgB;AAAA,EAClB;AACF;AAEO,IAAM,oBAAN,cAAgC,WAAW;AAAA,EAGhD,YAAY,MAAY,MAA6C;AAtBvE;AAuBI,UAAM,MAAM,IAAI;AAChB,SAAK,MAAK,kCAAM,OAAN,YAAY;AACtB,SAAK,OAAO;AAEZ,UAAM,iBAAiB;AAAA,MACrB,UAAU;AAAA,IACZ;AACA,SAAK,OAAO,kCAAK,iBAAmB;AAEpC,SAAK,eAAe,KAAK,aAAa,KAAK,IAAI;AAAA,EACjD;AAAA,EAEM,aAAa,SAAmB;AAAA;AAEpC,WAAK,KAAK,WAAW,KAAK,KAAK,YAAY,YAAY,iBAAiB;AAGxE,WAAK,KAAK,QAAQ,EAAE,UAAU,KAAK,KAAK,SAAS,CAAC;AAElD,iBAAW,UAAU,SAAS;AAC5B,cAAM,OAAO,KAAK,KAAK,QAAQ,MAAM;AACrC,cAAM,MAAM,IAAI,YAAY,KAAK,MAAM,MAAM,KAAK,KAAK,QAAQ;AAC/D,YAAI,MAAM,IAAI,YAAY,GAAG;AAC3B,eAAK,KAAK,KAAK,uBAAuB,IAAI;AAC1C,cAAI,OAAO,MAAM,IAAI,iBAAiB;AACtC,eAAK,KAAK,aAAa,QAAQ;AAAA,YAC7B,MAAM;AAAA,YACN,MAAM;AAAA,YACN,MAAM,KAAK;AAAA,UACb,CAAC;AAED,eAAK,KAAK,YAAY,QAAQ;AAAA,YAC5B,MAAM,GAAG,KAAK,IAAI;AAAA,YAClB,MAAM;AAAA,YACN,YAAY;AAAA,cACV,MAAM,IAAI,QAAQ;AAAA,cAClB,QAAQ,IAAI,UAAU;AAAA,cACtB,MAAM,IAAI,gBAAgB;AAAA,cAC1B,MAAM,IAAI,mBAAmB;AAAA,YAC/B;AAAA,UACF,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA;AAAA,EAEA,UAAU;AACR,SAAK,KAAK,gBAAgB,KAAK,YAAY;AAAA,EAC7C;AAAA,EAEA,YAAY;AACV,SAAK,KAAK,mBAAmB,KAAK,YAAY;AAAA,EAChD;AACF;","names":["_sodium","sodium","_sodium","_sodium","_sodium"]}

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "uppy-encrypt",
+  "version": "1.0.0",
+  "description": "Uppy plugin to encrypt and decrypt files in the browser before upload using libsodium-wrappers",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/0sumcode/uppy-encrypt.git"
+  },
+  "keywords": [
+    "uppy",
+    "encrypt",
+    "decrypt",
+    "libsodium"
+  ],
+  "author": "Dan Stevens",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/0sumcode/uppy-encrypt/issues"
+  },
+  "homepage": "https://github.com/0sumcode/uppy-encrypt#readme",
+  "devDependencies": {
+    "ts-node": "^10.9.1",
+    "tsup": "^8.0.1",
+    "typescript": "^5.3.2"
+  },
+  "dependencies": {
+    "@types/libsodium-wrappers-sumo": "^0.7.8",
+    "@uppy/core": "^3.7.1",
+    "libsodium-wrappers-sumo": "^0.7.13"
+  }
+}