wolfronix-sdk 1.2.0 → 1.3.1

package/README.md

@@ -1,19 +1,17 @@
-# @wolfronix/sdk
+# wolfronix-sdk
 
 Official JavaScript/TypeScript SDK for Wolfronix - Zero-knowledge encryption made simple.
 
-[![npm version](https://badge.fury.io/js/@wolfronix%2Fsdk.svg)](https://www.npmjs.com/package/@wolfronix/sdk)
+[![npm version](https://badge.fury.io/js/wolfronix-sdk.svg)](https://www.npmjs.com/package/wolfronix-sdk)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 
 ## Features
 
 - 🔐 **Zero-Knowledge Encryption** - Keys generated client-side, never leave your device
 - 🏢 **Enterprise Ready** - Seamless integration with your existing storage
-
 - 🚀 **Simple API** - Encrypt files in 2 lines of code
 - 📦 **TypeScript Native** - Full type definitions included
-- 🌐 **Universal** - Works in Node.js and browsers
-- ⚡ **Streaming** - Handle large files with progress tracking
+- 🌐 **Universal** - Works in Node.js 16+ and modern browsers
 - 🔄 **Auto Retry** - Built-in retry logic with exponential backoff
 
 ## Backend Integration (Enterprise Mode)
@@ -30,17 +28,17 @@ Wolfronix handles all encryption/decryption keys and logic; you only handle the
 ## Installation
 
 ```bash
-npm install @wolfronix/sdk
+npm install wolfronix-sdk
 # or
-yarn add @wolfronix/sdk
+yarn add wolfronix-sdk
 # or
-pnpm add @wolfronix/sdk
+pnpm add wolfronix-sdk
 ```
 
 ## Quick Start
 
 ```typescript
-import Wolfronix from '@wolfronix/sdk';
+import Wolfronix from 'wolfronix-sdk';
 
 // Initialize client
 const wfx = new Wolfronix({
@@ -67,7 +65,7 @@ const decrypted = await wfx.decrypt(result.file_id);
 ### Browser (React, Vue, Angular, etc.)
 
 ```typescript
-import Wolfronix from '@wolfronix/sdk';
+import Wolfronix from 'wolfronix-sdk';
 
 const wfx = new Wolfronix('https://wolfronix-server:5002');
 
@@ -77,7 +75,6 @@ const handleFileUpload = async (event: React.ChangeEvent<HTMLInputElement>) => {
   if (!file) return;
 
   try {
-    // Keys are automatically handled by the SDK
     const { file_id } = await wfx.encrypt(file);
     console.log('File encrypted with your private key:', file_id);
   } catch (error) {
@@ -102,7 +99,7 @@ const handleDownload = async (fileId: string, filename: string) => {
 ### Node.js
 
 ```typescript
-import Wolfronix from '@wolfronix/sdk';
+import Wolfronix from 'wolfronix-sdk';
 import * as fs from 'fs';
 
 const wfx = new Wolfronix({
@@ -129,26 +126,50 @@ async function main() {
   fs.writeFileSync('decrypted.pdf', Buffer.from(decrypted));
 }
 
+main();
+// Decrypt and save
+  const decrypted = await wfx.decryptToBuffer(file_id);
+  fs.writeFileSync('decrypted.pdf', Buffer.from(decrypted));
+}
+
 main();
 ```
 
-### Large File Streaming with Progress
+### 💬 E2E Encrypted Chat Integration
+
+Turn any chat app into a secure, end-to-end encrypted messenger in minutes.
 
+**Sender (Alice):**
 ```typescript
-const wfx = new Wolfronix('https://wolfronix-server:5002');
+// 1. Get Bob's Public Key & Encrypt Message
+const securePacket = await wfx.encryptMessage("Secret details at 5 PM", "bob_user_id");
 
-// Encrypt with progress
-const result = await wfx.encryptStream(largeFile, (percent) => {
-  console.log(`Uploading: ${percent}%`);
-  progressBar.value = percent;
+// 2. Send 'securePacket' string via your normal chat API (Socket.io, Firebase, etc.)
+chatSocket.emit('message', {
+  to: 'bob',
+  text: securePacket // Valid JSON string
 });
+```
 
-// Decrypt with progress
-const blob = await wfx.decryptStream(fileId, (percent) => {
-  console.log(`Downloading: ${percent}%`);
+**Recipient (Bob):**
+```typescript
+// 1. Receive message from chat server
+chatSocket.on('message', async (msg) => {
+  try {
+    // 2. Decrypt locally with Bob's Private Key
+    const plainText = await wfx.decryptMessage(msg.text);
+    console.log("Decrypted:", plainText);
+  } catch (err) {
+    console.error("Could not decrypt message");
+  }
 });
 ```
 
+**Features:**
+- **Hybrid Encryption:** Uses AES-256 for messages + RSA-2048 for key exchange (Fast & Secure).
+- **Zero-Knowledge:** Your chat server only sees encrypted packets.
+- **Universal:** Works with any backend (Socket.io, Firebase, PostgreSQL, etc).
+
 ## API Reference
 
 ### Constructor
@@ -181,13 +202,19 @@ new Wolfronix(config: WolfronixConfig | string)
 | Method | Description |
 |--------|-------------|
 | `encrypt(file, filename?)` | Encrypt and store file |
-| `encryptStream(file, onProgress?)` | Encrypt large file with progress |
 | `decrypt(fileId)` | Decrypt file (returns Blob) |
 | `decryptToBuffer(fileId)` | Decrypt file (returns ArrayBuffer) |
-| `decryptStream(fileId, onProgress?)` | Decrypt large file with progress |
 | `listFiles()` | List user's encrypted files |
 | `deleteFile(fileId)` | Delete encrypted file |
 
+### E2E Chat Encryption
+
+| Method | Description |
+|--------|-------------|
+| `getPublicKey(userId)` | Fetch a user's RSA public key |
+| `encryptMessage(text, recipientId)` | Encrypt text for a recipient (returns packet string) |
+| `decryptMessage(packetString)` | Decrypt a received message packet |
+
 ### Utility
 
 | Method | Description |
@@ -207,7 +234,7 @@ import Wolfronix, {
   PermissionDeniedError,
   NetworkError,
   ValidationError
-} from '@wolfronix/sdk';
+} from 'wolfronix-sdk';
 
 try {
   await wfx.encrypt(file);
@@ -246,7 +273,7 @@ import Wolfronix, {
   FileInfo,
   ListFilesResponse,
   MetricsResponse
-} from '@wolfronix/sdk';
+} from 'wolfronix-sdk';
 
 // All methods are fully typed
 const config: WolfronixConfig = {
@@ -263,7 +290,7 @@ const response: EncryptResponse = await wfx.encrypt(file);
 ```typescript
 // useWolfronix.ts
 import { useState, useCallback, useMemo } from 'react';
-import Wolfronix, { FileInfo as WolfronixFile } from '@wolfronix/sdk';
+import Wolfronix, { FileInfo as WolfronixFile } from 'wolfronix-sdk';
 
 export function useWolfronix(baseUrl: string, clientId?: string) {
   const [isLoading, setIsLoading] = useState(false);
@@ -351,10 +378,25 @@ function FileManager() {
 }
 ```
 
+## Real-World Use Cases
+
+Wolfronix can be integrated into **any application** that handles sensitive data:
+
+| Industry | Application | How Wolfronix Helps |
+|----------|------------|---------------------|
+| 🏥 **Healthcare** | Patient records, lab reports | HIPAA-compliant encryption at rest |
+| 🏦 **Finance** | Invoices, tax docs, receipts | End-to-end encrypted banking documents |
+| ⚖️ **Legal** | Contracts, case files | Zero-knowledge confidential storage |
+| ☁️ **Cloud Storage** | Drive/Dropbox alternatives | Encrypted file vault with user-owned keys |
+| 🏢 **Enterprise** | HR records, internal docs | Per-employee encryption isolation |
+| 🎓 **Education** | Exam papers, student data | Tamper-proof academic records |
+| 💬 **Messaging** | File attachments | Encrypted file sharing in chat apps |
+| 🛒 **E-commerce** | Order docs, payment receipts | PCI-compliant document storage |
+
 ## Requirements
 
 - Node.js 16+ (for Node.js usage)
-- Modern browser with Fetch API support
+- Modern browser with Web Crypto API support
 
 ## License
 

package/dist/index.d.mts

@@ -3,7 +3,7 @@
  * Zero-knowledge encryption made simple
  *
  * @package @wolfronix/sdk
- * @version 1.2.0
+ * @version 1.3.0
  */
 interface WolfronixConfig {
     /** Wolfronix server base URL */
@@ -25,7 +25,7 @@ interface AuthResponse {
 }
 interface EncryptResponse {
     status: string;
-    file_id: number;
+    file_id: string;
     file_size: number;
     enc_time_ms: number;
 }
@@ -51,6 +51,11 @@ interface MetricsResponse {
     total_bytes_encrypted: number;
     total_bytes_decrypted: number;
 }
+interface EncryptMessagePacket {
+    key: string;
+    iv: string;
+    msg: string;
+}
 declare class WolfronixError extends Error {
     readonly code: string;
     readonly statusCode?: number;
@@ -188,6 +193,25 @@ declare class Wolfronix {
      * ```
      */
     deleteFile(fileId: string): Promise<DeleteResponse>;
+    /**
+     * Get another user's public key (for E2E encryption)
+     * @param userId The ID of the recipient
+     */
+    getPublicKey(userId: string): Promise<string>;
+    /**
+     * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+     * Returns a secure JSON string (packet) to send via chat
+     *
+     * @param text The plain text message
+     * @param recipientId The recipient's user ID
+     */
+    encryptMessage(text: string, recipientId: string): Promise<string>;
+    /**
+     * Decrypt a message packet received from chat
+     *
+     * @param packetJson The secure JSON string packet
+     */
+    decryptMessage(packetJson: string): Promise<string>;
     /**
      * Get encryption/decryption metrics
      *
@@ -218,4 +242,4 @@ declare class Wolfronix {
  */
 declare function createClient(config: WolfronixConfig | string): Wolfronix;
 
-export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };
+export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptMessagePacket, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };

package/dist/index.d.ts

@@ -3,7 +3,7 @@
  * Zero-knowledge encryption made simple
  *
  * @package @wolfronix/sdk
- * @version 1.2.0
+ * @version 1.3.0
  */
 interface WolfronixConfig {
     /** Wolfronix server base URL */
@@ -25,7 +25,7 @@ interface AuthResponse {
 }
 interface EncryptResponse {
     status: string;
-    file_id: number;
+    file_id: string;
     file_size: number;
     enc_time_ms: number;
 }
@@ -51,6 +51,11 @@ interface MetricsResponse {
     total_bytes_encrypted: number;
     total_bytes_decrypted: number;
 }
+interface EncryptMessagePacket {
+    key: string;
+    iv: string;
+    msg: string;
+}
 declare class WolfronixError extends Error {
     readonly code: string;
     readonly statusCode?: number;
@@ -188,6 +193,25 @@ declare class Wolfronix {
      * ```
      */
     deleteFile(fileId: string): Promise<DeleteResponse>;
+    /**
+     * Get another user's public key (for E2E encryption)
+     * @param userId The ID of the recipient
+     */
+    getPublicKey(userId: string): Promise<string>;
+    /**
+     * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+     * Returns a secure JSON string (packet) to send via chat
+     *
+     * @param text The plain text message
+     * @param recipientId The recipient's user ID
+     */
+    encryptMessage(text: string, recipientId: string): Promise<string>;
+    /**
+     * Decrypt a message packet received from chat
+     *
+     * @param packetJson The secure JSON string packet
+     */
+    decryptMessage(packetJson: string): Promise<string>;
     /**
      * Get encryption/decryption metrics
      *
@@ -218,4 +242,4 @@ declare class Wolfronix {
  */
 declare function createClient(config: WolfronixConfig | string): Wolfronix;
 
-export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };
+export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptMessagePacket, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };

package/dist/index.js

@@ -33,6 +33,14 @@ __export(index_exports, {
 module.exports = __toCommonJS(index_exports);
 
 // src/crypto.ts
+var getCrypto = () => {
+  if (typeof globalThis.crypto !== "undefined") {
+    return globalThis.crypto;
+  }
+  throw new Error(
+    "Web Crypto API not available. Requires a modern browser or Node.js 16+."
+  );
+};
 var RSA_ALG = {
   name: "RSA-OAEP",
   modulusLength: 2048,
@@ -40,9 +48,10 @@ var RSA_ALG = {
   hash: "SHA-256"
 };
 var WRAP_ALG = "AES-GCM";
+var SESSION_ALG = "AES-GCM";
 var PBKDF2_ITERATIONS = 1e5;
 async function generateKeyPair() {
-  return await window.crypto.subtle.generateKey(
+  return await getCrypto().subtle.generateKey(
     RSA_ALG,
     true,
     // extractable
@@ -51,7 +60,7 @@ async function generateKeyPair() {
 }
 async function exportKeyToPEM(key, type) {
   const format = type === "public" ? "spki" : "pkcs8";
-  const exported = await window.crypto.subtle.exportKey(format, key);
+  const exported = await getCrypto().subtle.exportKey(format, key);
   const exportedAsBase64 = arrayBufferToBase64(exported);
   const pemHeader = type === "public" ? "-----BEGIN PUBLIC KEY-----" : "-----BEGIN PRIVATE KEY-----";
   const pemFooter = type === "public" ? "-----END PUBLIC KEY-----" : "-----END PRIVATE KEY-----";
@@ -66,7 +75,7 @@ async function importKeyFromPEM(pem, type) {
   const binaryDer = base64ToArrayBuffer(pemContents);
   const format = type === "public" ? "spki" : "pkcs8";
   const usage = type === "public" ? ["encrypt", "wrapKey"] : ["decrypt", "unwrapKey"];
-  return await window.crypto.subtle.importKey(
+  return await getCrypto().subtle.importKey(
     format,
     binaryDer,
     RSA_ALG,
@@ -76,7 +85,7 @@ async function importKeyFromPEM(pem, type) {
 }
 async function deriveWrappingKey(password, saltHex) {
   const enc = new TextEncoder();
-  const passwordKey = await window.crypto.subtle.importKey(
+  const passwordKey = await getCrypto().subtle.importKey(
     "raw",
     enc.encode(password),
     "PBKDF2",
@@ -84,7 +93,7 @@ async function deriveWrappingKey(password, saltHex) {
     ["deriveKey"]
   );
   const salt = hexToArrayBuffer(saltHex);
-  return await window.crypto.subtle.deriveKey(
+  return await getCrypto().subtle.deriveKey(
     {
       name: "PBKDF2",
       salt,
@@ -98,12 +107,13 @@ async function deriveWrappingKey(password, saltHex) {
   );
 }
 async function wrapPrivateKey(privateKey, password) {
-  const salt = window.crypto.getRandomValues(new Uint8Array(16));
+  const crypto = getCrypto();
+  const salt = crypto.getRandomValues(new Uint8Array(16));
   const saltHex = arrayBufferToHex(salt.buffer);
   const wrappingKey = await deriveWrappingKey(password, saltHex);
-  const exportedKey = await window.crypto.subtle.exportKey("pkcs8", privateKey);
-  const iv = window.crypto.getRandomValues(new Uint8Array(12));
-  const encryptedContent = await window.crypto.subtle.encrypt(
+  const exportedKey = await crypto.subtle.exportKey("pkcs8", privateKey);
+  const iv = crypto.getRandomValues(new Uint8Array(12));
+  const encryptedContent = await crypto.subtle.encrypt(
     {
       name: WRAP_ALG,
       iv
@@ -125,7 +135,7 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
   const iv = combinedArray.slice(0, 12);
   const data = combinedArray.slice(12);
   const wrappingKey = await deriveWrappingKey(password, saltHex);
-  const decryptedKeyData = await window.crypto.subtle.decrypt(
+  const decryptedKeyData = await getCrypto().subtle.decrypt(
     {
       name: WRAP_ALG,
       iv
@@ -133,7 +143,7 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     wrappingKey,
     data
   );
-  return await window.crypto.subtle.importKey(
+  return await getCrypto().subtle.importKey(
     "pkcs8",
     decryptedKeyData,
     RSA_ALG,
@@ -141,17 +151,98 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     ["decrypt", "unwrapKey"]
   );
 }
+async function generateSessionKey() {
+  return await getCrypto().subtle.generateKey(
+    {
+      name: SESSION_ALG,
+      length: 256
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
+async function encryptData(data, key) {
+  const enc = new TextEncoder();
+  const encodedData = enc.encode(data);
+  const iv = getCrypto().getRandomValues(new Uint8Array(12));
+  const encryptedContent = await getCrypto().subtle.encrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encodedData
+  );
+  return {
+    encrypted: arrayBufferToBase64(encryptedContent),
+    iv: arrayBufferToBase64(iv.buffer)
+  };
+}
+async function decryptData(encryptedBase64, ivBase64, key) {
+  const encryptedData = base64ToArrayBuffer(encryptedBase64);
+  const iv = base64ToArrayBuffer(ivBase64);
+  const decryptedContent = await getCrypto().subtle.decrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encryptedData
+  );
+  const dec = new TextDecoder();
+  return dec.decode(decryptedContent);
+}
+async function rsaEncrypt(data, publicKey) {
+  const encrypted = await getCrypto().subtle.encrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    publicKey,
+    data
+  );
+  return arrayBufferToBase64(encrypted);
+}
+async function rsaDecrypt(encryptedBase64, privateKey) {
+  const data = base64ToArrayBuffer(encryptedBase64);
+  const decrypted = await getCrypto().subtle.decrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    privateKey,
+    data
+  );
+  return decrypted;
+}
+async function exportSessionKey(key) {
+  return await getCrypto().subtle.exportKey("raw", key);
+}
+async function importSessionKey(raw) {
+  return await getCrypto().subtle.importKey(
+    "raw",
+    raw,
+    SESSION_ALG,
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
 function arrayBufferToBase64(buffer) {
-  let binary = "";
   const bytes = new Uint8Array(buffer);
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(bytes).toString("base64");
+  }
+  let binary = "";
   const len = bytes.byteLength;
   for (let i = 0; i < len; i++) {
     binary += String.fromCharCode(bytes[i]);
   }
-  return window.btoa(binary);
+  return btoa(binary);
 }
 function base64ToArrayBuffer(base64) {
-  const binary_string = window.atob(base64);
+  if (typeof Buffer !== "undefined") {
+    const buf = Buffer.from(base64, "base64");
+    return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
+  }
+  const binary_string = atob(base64);
   const len = binary_string.length;
   const bytes = new Uint8Array(len);
   for (let i = 0; i < len; i++) {
@@ -492,9 +583,15 @@ var Wolfronix = class {
       throw new Error("Public key not available. Is user logged in?");
     }
     formData.append("client_public_key", this.publicKeyPEM);
-    return this.request("POST", "/api/v1/encrypt", {
+    const response = await this.request("POST", "/api/v1/encrypt", {
       formData
     });
+    return {
+      status: response.status,
+      file_id: String(response.file_id),
+      file_size: response.file_size,
+      enc_time_ms: response.enc_time_ms
+    };
   }
   /**
    * Decrypt and retrieve a file
@@ -585,6 +682,68 @@ var Wolfronix = class {
     }
     return this.request("DELETE", `/api/v1/files/${fileId}`);
   }
+  // ============================================================================
+  // E2E Chat Encryption Methods
+  // ============================================================================
+  /**
+   * Get another user's public key (for E2E encryption)
+   * @param userId The ID of the recipient
+   */
+  async getPublicKey(userId) {
+    this.ensureAuthenticated();
+    const result = await this.request("GET", `/api/v1/keys/${userId}`);
+    return result.public_key;
+  }
+  /**
+   * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+   * Returns a secure JSON string (packet) to send via chat
+   * 
+   * @param text The plain text message
+   * @param recipientId The recipient's user ID
+   */
+  async encryptMessage(text, recipientId) {
+    this.ensureAuthenticated();
+    const recipientPubKeyPEM = await this.getPublicKey(recipientId);
+    const recipientPubKey = await importKeyFromPEM(recipientPubKeyPEM, "public");
+    const sessionKey = await generateSessionKey();
+    const { encrypted: encryptedMsg, iv } = await encryptData(text, sessionKey);
+    const rawSessionKey = await exportSessionKey(sessionKey);
+    const encryptedSessionKey = await rsaEncrypt(rawSessionKey, recipientPubKey);
+    const packet = {
+      key: encryptedSessionKey,
+      iv,
+      msg: encryptedMsg
+    };
+    return JSON.stringify(packet);
+  }
+  /**
+   * Decrypt a message packet received from chat
+   * 
+   * @param packetJson The secure JSON string packet
+   */
+  async decryptMessage(packetJson) {
+    this.ensureAuthenticated();
+    if (!this.privateKey) {
+      throw new Error("Private key not available. Is user logged in?");
+    }
+    let packet;
+    try {
+      packet = JSON.parse(packetJson);
+    } catch (e) {
+      throw new ValidationError("Invalid message packet format");
+    }
+    if (!packet.key || !packet.iv || !packet.msg) {
+      throw new ValidationError("Invalid message packet structure");
+    }
+    try {
+      const rawSessionKey = await rsaDecrypt(packet.key, this.privateKey);
+      const sessionKey = await importSessionKey(rawSessionKey);
+      const plainText = await decryptData(packet.msg, packet.iv, sessionKey);
+      return plainText;
+    } catch (error) {
+      throw new Error("Decryption failed. You may not be the intended recipient.");
+    }
+  }
   // ==========================================================================
   // Metrics & Status
   // ==========================================================================

package/dist/index.mjs

@@ -1,4 +1,12 @@
 // src/crypto.ts
+var getCrypto = () => {
+  if (typeof globalThis.crypto !== "undefined") {
+    return globalThis.crypto;
+  }
+  throw new Error(
+    "Web Crypto API not available. Requires a modern browser or Node.js 16+."
+  );
+};
 var RSA_ALG = {
   name: "RSA-OAEP",
   modulusLength: 2048,
@@ -6,9 +14,10 @@ var RSA_ALG = {
   hash: "SHA-256"
 };
 var WRAP_ALG = "AES-GCM";
+var SESSION_ALG = "AES-GCM";
 var PBKDF2_ITERATIONS = 1e5;
 async function generateKeyPair() {
-  return await window.crypto.subtle.generateKey(
+  return await getCrypto().subtle.generateKey(
     RSA_ALG,
     true,
     // extractable
@@ -17,7 +26,7 @@ async function generateKeyPair() {
 }
 async function exportKeyToPEM(key, type) {
   const format = type === "public" ? "spki" : "pkcs8";
-  const exported = await window.crypto.subtle.exportKey(format, key);
+  const exported = await getCrypto().subtle.exportKey(format, key);
   const exportedAsBase64 = arrayBufferToBase64(exported);
   const pemHeader = type === "public" ? "-----BEGIN PUBLIC KEY-----" : "-----BEGIN PRIVATE KEY-----";
   const pemFooter = type === "public" ? "-----END PUBLIC KEY-----" : "-----END PRIVATE KEY-----";
@@ -32,7 +41,7 @@ async function importKeyFromPEM(pem, type) {
   const binaryDer = base64ToArrayBuffer(pemContents);
   const format = type === "public" ? "spki" : "pkcs8";
   const usage = type === "public" ? ["encrypt", "wrapKey"] : ["decrypt", "unwrapKey"];
-  return await window.crypto.subtle.importKey(
+  return await getCrypto().subtle.importKey(
     format,
     binaryDer,
     RSA_ALG,
@@ -42,7 +51,7 @@ async function importKeyFromPEM(pem, type) {
 }
 async function deriveWrappingKey(password, saltHex) {
   const enc = new TextEncoder();
-  const passwordKey = await window.crypto.subtle.importKey(
+  const passwordKey = await getCrypto().subtle.importKey(
     "raw",
     enc.encode(password),
     "PBKDF2",
@@ -50,7 +59,7 @@ async function deriveWrappingKey(password, saltHex) {
     ["deriveKey"]
   );
   const salt = hexToArrayBuffer(saltHex);
-  return await window.crypto.subtle.deriveKey(
+  return await getCrypto().subtle.deriveKey(
     {
       name: "PBKDF2",
       salt,
@@ -64,12 +73,13 @@ async function deriveWrappingKey(password, saltHex) {
   );
 }
 async function wrapPrivateKey(privateKey, password) {
-  const salt = window.crypto.getRandomValues(new Uint8Array(16));
+  const crypto = getCrypto();
+  const salt = crypto.getRandomValues(new Uint8Array(16));
   const saltHex = arrayBufferToHex(salt.buffer);
   const wrappingKey = await deriveWrappingKey(password, saltHex);
-  const exportedKey = await window.crypto.subtle.exportKey("pkcs8", privateKey);
-  const iv = window.crypto.getRandomValues(new Uint8Array(12));
-  const encryptedContent = await window.crypto.subtle.encrypt(
+  const exportedKey = await crypto.subtle.exportKey("pkcs8", privateKey);
+  const iv = crypto.getRandomValues(new Uint8Array(12));
+  const encryptedContent = await crypto.subtle.encrypt(
     {
       name: WRAP_ALG,
       iv
@@ -91,7 +101,7 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
   const iv = combinedArray.slice(0, 12);
   const data = combinedArray.slice(12);
   const wrappingKey = await deriveWrappingKey(password, saltHex);
-  const decryptedKeyData = await window.crypto.subtle.decrypt(
+  const decryptedKeyData = await getCrypto().subtle.decrypt(
     {
       name: WRAP_ALG,
       iv
@@ -99,7 +109,7 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     wrappingKey,
     data
   );
-  return await window.crypto.subtle.importKey(
+  return await getCrypto().subtle.importKey(
     "pkcs8",
     decryptedKeyData,
     RSA_ALG,
@@ -107,17 +117,98 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     ["decrypt", "unwrapKey"]
   );
 }
+async function generateSessionKey() {
+  return await getCrypto().subtle.generateKey(
+    {
+      name: SESSION_ALG,
+      length: 256
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
+async function encryptData(data, key) {
+  const enc = new TextEncoder();
+  const encodedData = enc.encode(data);
+  const iv = getCrypto().getRandomValues(new Uint8Array(12));
+  const encryptedContent = await getCrypto().subtle.encrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encodedData
+  );
+  return {
+    encrypted: arrayBufferToBase64(encryptedContent),
+    iv: arrayBufferToBase64(iv.buffer)
+  };
+}
+async function decryptData(encryptedBase64, ivBase64, key) {
+  const encryptedData = base64ToArrayBuffer(encryptedBase64);
+  const iv = base64ToArrayBuffer(ivBase64);
+  const decryptedContent = await getCrypto().subtle.decrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encryptedData
+  );
+  const dec = new TextDecoder();
+  return dec.decode(decryptedContent);
+}
+async function rsaEncrypt(data, publicKey) {
+  const encrypted = await getCrypto().subtle.encrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    publicKey,
+    data
+  );
+  return arrayBufferToBase64(encrypted);
+}
+async function rsaDecrypt(encryptedBase64, privateKey) {
+  const data = base64ToArrayBuffer(encryptedBase64);
+  const decrypted = await getCrypto().subtle.decrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    privateKey,
+    data
+  );
+  return decrypted;
+}
+async function exportSessionKey(key) {
+  return await getCrypto().subtle.exportKey("raw", key);
+}
+async function importSessionKey(raw) {
+  return await getCrypto().subtle.importKey(
+    "raw",
+    raw,
+    SESSION_ALG,
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
 function arrayBufferToBase64(buffer) {
-  let binary = "";
   const bytes = new Uint8Array(buffer);
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(bytes).toString("base64");
+  }
+  let binary = "";
   const len = bytes.byteLength;
   for (let i = 0; i < len; i++) {
     binary += String.fromCharCode(bytes[i]);
   }
-  return window.btoa(binary);
+  return btoa(binary);
 }
 function base64ToArrayBuffer(base64) {
-  const binary_string = window.atob(base64);
+  if (typeof Buffer !== "undefined") {
+    const buf = Buffer.from(base64, "base64");
+    return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
+  }
+  const binary_string = atob(base64);
   const len = binary_string.length;
   const bytes = new Uint8Array(len);
   for (let i = 0; i < len; i++) {
@@ -458,9 +549,15 @@ var Wolfronix = class {
       throw new Error("Public key not available. Is user logged in?");
     }
     formData.append("client_public_key", this.publicKeyPEM);
-    return this.request("POST", "/api/v1/encrypt", {
+    const response = await this.request("POST", "/api/v1/encrypt", {
       formData
     });
+    return {
+      status: response.status,
+      file_id: String(response.file_id),
+      file_size: response.file_size,
+      enc_time_ms: response.enc_time_ms
+    };
   }
   /**
    * Decrypt and retrieve a file
@@ -551,6 +648,68 @@ var Wolfronix = class {
     }
     return this.request("DELETE", `/api/v1/files/${fileId}`);
   }
+  // ============================================================================
+  // E2E Chat Encryption Methods
+  // ============================================================================
+  /**
+   * Get another user's public key (for E2E encryption)
+   * @param userId The ID of the recipient
+   */
+  async getPublicKey(userId) {
+    this.ensureAuthenticated();
+    const result = await this.request("GET", `/api/v1/keys/${userId}`);
+    return result.public_key;
+  }
+  /**
+   * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+   * Returns a secure JSON string (packet) to send via chat
+   * 
+   * @param text The plain text message
+   * @param recipientId The recipient's user ID
+   */
+  async encryptMessage(text, recipientId) {
+    this.ensureAuthenticated();
+    const recipientPubKeyPEM = await this.getPublicKey(recipientId);
+    const recipientPubKey = await importKeyFromPEM(recipientPubKeyPEM, "public");
+    const sessionKey = await generateSessionKey();
+    const { encrypted: encryptedMsg, iv } = await encryptData(text, sessionKey);
+    const rawSessionKey = await exportSessionKey(sessionKey);
+    const encryptedSessionKey = await rsaEncrypt(rawSessionKey, recipientPubKey);
+    const packet = {
+      key: encryptedSessionKey,
+      iv,
+      msg: encryptedMsg
+    };
+    return JSON.stringify(packet);
+  }
+  /**
+   * Decrypt a message packet received from chat
+   * 
+   * @param packetJson The secure JSON string packet
+   */
+  async decryptMessage(packetJson) {
+    this.ensureAuthenticated();
+    if (!this.privateKey) {
+      throw new Error("Private key not available. Is user logged in?");
+    }
+    let packet;
+    try {
+      packet = JSON.parse(packetJson);
+    } catch (e) {
+      throw new ValidationError("Invalid message packet format");
+    }
+    if (!packet.key || !packet.iv || !packet.msg) {
+      throw new ValidationError("Invalid message packet structure");
+    }
+    try {
+      const rawSessionKey = await rsaDecrypt(packet.key, this.privateKey);
+      const sessionKey = await importSessionKey(rawSessionKey);
+      const plainText = await decryptData(packet.msg, packet.iv, sessionKey);
+      return plainText;
+    } catch (error) {
+      throw new Error("Decryption failed. You may not be the intended recipient.");
+    }
+  }
   // ==========================================================================
   // Metrics & Status
   // ==========================================================================

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolfronix-sdk",
-  "version": "1.2.0",
+  "version": "1.3.1",
   "description": "Official Wolfronix SDK for JavaScript/TypeScript - Zero-knowledge encryption made simple",
   "main": "dist/index.js",
   "module": "dist/index.mjs",