wolfronix-sdk 1.3.0 → 1.3.2

package/README.md

@@ -127,8 +127,49 @@ async function main() {
 }
 
 main();
+// Decrypt and save
+  const decrypted = await wfx.decryptToBuffer(file_id);
+  fs.writeFileSync('decrypted.pdf', Buffer.from(decrypted));
+}
+
+main();
+```
+
+### 💬 E2E Encrypted Chat Integration
+
+Turn any chat app into a secure, end-to-end encrypted messenger in minutes.
+
+**Sender (Alice):**
+```typescript
+// 1. Get Bob's Public Key & Encrypt Message
+const securePacket = await wfx.encryptMessage("Secret details at 5 PM", "bob_user_id");
+
+// 2. Send 'securePacket' string via your normal chat API (Socket.io, Firebase, etc.)
+chatSocket.emit('message', {
+  to: 'bob',
+  text: securePacket // Valid JSON string
+});
 ```
 
+**Recipient (Bob):**
+```typescript
+// 1. Receive message from chat server
+chatSocket.on('message', async (msg) => {
+  try {
+    // 2. Decrypt locally with Bob's Private Key
+    const plainText = await wfx.decryptMessage(msg.text);
+    console.log("Decrypted:", plainText);
+  } catch (err) {
+    console.error("Could not decrypt message");
+  }
+});
+```
+
+**Features:**
+- **Hybrid Encryption:** Uses AES-256 for messages + RSA-2048 for key exchange (Fast & Secure).
+- **Zero-Knowledge:** Your chat server only sees encrypted packets.
+- **Universal:** Works with any backend (Socket.io, Firebase, PostgreSQL, etc).
+
 ## API Reference
 
 ### Constructor
@@ -166,6 +207,14 @@ new Wolfronix(config: WolfronixConfig | string)
 | `listFiles()` | List user's encrypted files |
 | `deleteFile(fileId)` | Delete encrypted file |
 
+### E2E Chat Encryption
+
+| Method | Description |
+|--------|-------------|
+| `getPublicKey(userId)` | Fetch a user's RSA public key |
+| `encryptMessage(text, recipientId)` | Encrypt text for a recipient (returns packet string) |
+| `decryptMessage(packetString)` | Decrypt a received message packet |
+
 ### Utility
 
 | Method | Description |

package/dist/index.d.mts

@@ -51,6 +51,11 @@ interface MetricsResponse {
     total_bytes_encrypted: number;
     total_bytes_decrypted: number;
 }
+interface EncryptMessagePacket {
+    key: string;
+    iv: string;
+    msg: string;
+}
 declare class WolfronixError extends Error {
     readonly code: string;
     readonly statusCode?: number;
@@ -188,6 +193,25 @@ declare class Wolfronix {
      * ```
      */
     deleteFile(fileId: string): Promise<DeleteResponse>;
+    /**
+     * Get another user's public key (for E2E encryption)
+     * @param userId The ID of the recipient
+     */
+    getPublicKey(userId: string): Promise<string>;
+    /**
+     * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+     * Returns a secure JSON string (packet) to send via chat
+     *
+     * @param text The plain text message
+     * @param recipientId The recipient's user ID
+     */
+    encryptMessage(text: string, recipientId: string): Promise<string>;
+    /**
+     * Decrypt a message packet received from chat
+     *
+     * @param packetJson The secure JSON string packet
+     */
+    decryptMessage(packetJson: string): Promise<string>;
     /**
      * Get encryption/decryption metrics
      *
@@ -218,4 +242,4 @@ declare class Wolfronix {
  */
 declare function createClient(config: WolfronixConfig | string): Wolfronix;
 
-export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };
+export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptMessagePacket, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };

package/dist/index.d.ts

@@ -51,6 +51,11 @@ interface MetricsResponse {
     total_bytes_encrypted: number;
     total_bytes_decrypted: number;
 }
+interface EncryptMessagePacket {
+    key: string;
+    iv: string;
+    msg: string;
+}
 declare class WolfronixError extends Error {
     readonly code: string;
     readonly statusCode?: number;
@@ -188,6 +193,25 @@ declare class Wolfronix {
      * ```
      */
     deleteFile(fileId: string): Promise<DeleteResponse>;
+    /**
+     * Get another user's public key (for E2E encryption)
+     * @param userId The ID of the recipient
+     */
+    getPublicKey(userId: string): Promise<string>;
+    /**
+     * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+     * Returns a secure JSON string (packet) to send via chat
+     *
+     * @param text The plain text message
+     * @param recipientId The recipient's user ID
+     */
+    encryptMessage(text: string, recipientId: string): Promise<string>;
+    /**
+     * Decrypt a message packet received from chat
+     *
+     * @param packetJson The secure JSON string packet
+     */
+    decryptMessage(packetJson: string): Promise<string>;
     /**
      * Get encryption/decryption metrics
      *
@@ -218,4 +242,4 @@ declare class Wolfronix {
  */
 declare function createClient(config: WolfronixConfig | string): Wolfronix;
 
-export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };
+export { type AuthResponse, AuthenticationError, type DeleteResponse, type EncryptMessagePacket, type EncryptResponse, type FileInfo, FileNotFoundError, type ListFilesResponse, type MetricsResponse, NetworkError, PermissionDeniedError, ValidationError, Wolfronix, type WolfronixConfig, WolfronixError, createClient, Wolfronix as default };

package/dist/index.js

@@ -48,6 +48,7 @@ var RSA_ALG = {
   hash: "SHA-256"
 };
 var WRAP_ALG = "AES-GCM";
+var SESSION_ALG = "AES-GCM";
 var PBKDF2_ITERATIONS = 1e5;
 async function generateKeyPair() {
   return await getCrypto().subtle.generateKey(
@@ -150,6 +151,80 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     ["decrypt", "unwrapKey"]
   );
 }
+async function generateSessionKey() {
+  return await getCrypto().subtle.generateKey(
+    {
+      name: SESSION_ALG,
+      length: 256
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
+async function encryptData(data, key) {
+  const enc = new TextEncoder();
+  const encodedData = enc.encode(data);
+  const iv = getCrypto().getRandomValues(new Uint8Array(12));
+  const encryptedContent = await getCrypto().subtle.encrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encodedData
+  );
+  return {
+    encrypted: arrayBufferToBase64(encryptedContent),
+    iv: arrayBufferToBase64(iv.buffer)
+  };
+}
+async function decryptData(encryptedBase64, ivBase64, key) {
+  const encryptedData = base64ToArrayBuffer(encryptedBase64);
+  const iv = base64ToArrayBuffer(ivBase64);
+  const decryptedContent = await getCrypto().subtle.decrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encryptedData
+  );
+  const dec = new TextDecoder();
+  return dec.decode(decryptedContent);
+}
+async function rsaEncrypt(data, publicKey) {
+  const encrypted = await getCrypto().subtle.encrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    publicKey,
+    data
+  );
+  return arrayBufferToBase64(encrypted);
+}
+async function rsaDecrypt(encryptedBase64, privateKey) {
+  const data = base64ToArrayBuffer(encryptedBase64);
+  const decrypted = await getCrypto().subtle.decrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    privateKey,
+    data
+  );
+  return decrypted;
+}
+async function exportSessionKey(key) {
+  return await getCrypto().subtle.exportKey("raw", key);
+}
+async function importSessionKey(raw) {
+  return await getCrypto().subtle.importKey(
+    "raw",
+    raw,
+    SESSION_ALG,
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
 function arrayBufferToBase64(buffer) {
   const bytes = new Uint8Array(buffer);
   if (typeof Buffer !== "undefined") {
@@ -607,6 +682,68 @@ var Wolfronix = class {
     }
     return this.request("DELETE", `/api/v1/files/${fileId}`);
   }
+  // ============================================================================
+  // E2E Chat Encryption Methods
+  // ============================================================================
+  /**
+   * Get another user's public key (for E2E encryption)
+   * @param userId The ID of the recipient
+   */
+  async getPublicKey(userId) {
+    this.ensureAuthenticated();
+    const result = await this.request("GET", `/api/v1/keys/${userId}`);
+    return result.public_key;
+  }
+  /**
+   * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+   * Returns a secure JSON string (packet) to send via chat
+   * 
+   * @param text The plain text message
+   * @param recipientId The recipient's user ID
+   */
+  async encryptMessage(text, recipientId) {
+    this.ensureAuthenticated();
+    const recipientPubKeyPEM = await this.getPublicKey(recipientId);
+    const recipientPubKey = await importKeyFromPEM(recipientPubKeyPEM, "public");
+    const sessionKey = await generateSessionKey();
+    const { encrypted: encryptedMsg, iv } = await encryptData(text, sessionKey);
+    const rawSessionKey = await exportSessionKey(sessionKey);
+    const encryptedSessionKey = await rsaEncrypt(rawSessionKey, recipientPubKey);
+    const packet = {
+      key: encryptedSessionKey,
+      iv,
+      msg: encryptedMsg
+    };
+    return JSON.stringify(packet);
+  }
+  /**
+   * Decrypt a message packet received from chat
+   * 
+   * @param packetJson The secure JSON string packet
+   */
+  async decryptMessage(packetJson) {
+    this.ensureAuthenticated();
+    if (!this.privateKey) {
+      throw new Error("Private key not available. Is user logged in?");
+    }
+    let packet;
+    try {
+      packet = JSON.parse(packetJson);
+    } catch (e) {
+      throw new ValidationError("Invalid message packet format");
+    }
+    if (!packet.key || !packet.iv || !packet.msg) {
+      throw new ValidationError("Invalid message packet structure");
+    }
+    try {
+      const rawSessionKey = await rsaDecrypt(packet.key, this.privateKey);
+      const sessionKey = await importSessionKey(rawSessionKey);
+      const plainText = await decryptData(packet.msg, packet.iv, sessionKey);
+      return plainText;
+    } catch (error) {
+      throw new Error("Decryption failed. You may not be the intended recipient.");
+    }
+  }
   // ==========================================================================
   // Metrics & Status
   // ==========================================================================

package/dist/index.mjs

@@ -14,6 +14,7 @@ var RSA_ALG = {
   hash: "SHA-256"
 };
 var WRAP_ALG = "AES-GCM";
+var SESSION_ALG = "AES-GCM";
 var PBKDF2_ITERATIONS = 1e5;
 async function generateKeyPair() {
   return await getCrypto().subtle.generateKey(
@@ -116,6 +117,80 @@ async function unwrapPrivateKey(encryptedKeyBase64, password, saltHex) {
     ["decrypt", "unwrapKey"]
   );
 }
+async function generateSessionKey() {
+  return await getCrypto().subtle.generateKey(
+    {
+      name: SESSION_ALG,
+      length: 256
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
+async function encryptData(data, key) {
+  const enc = new TextEncoder();
+  const encodedData = enc.encode(data);
+  const iv = getCrypto().getRandomValues(new Uint8Array(12));
+  const encryptedContent = await getCrypto().subtle.encrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encodedData
+  );
+  return {
+    encrypted: arrayBufferToBase64(encryptedContent),
+    iv: arrayBufferToBase64(iv.buffer)
+  };
+}
+async function decryptData(encryptedBase64, ivBase64, key) {
+  const encryptedData = base64ToArrayBuffer(encryptedBase64);
+  const iv = base64ToArrayBuffer(ivBase64);
+  const decryptedContent = await getCrypto().subtle.decrypt(
+    {
+      name: SESSION_ALG,
+      iv
+    },
+    key,
+    encryptedData
+  );
+  const dec = new TextDecoder();
+  return dec.decode(decryptedContent);
+}
+async function rsaEncrypt(data, publicKey) {
+  const encrypted = await getCrypto().subtle.encrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    publicKey,
+    data
+  );
+  return arrayBufferToBase64(encrypted);
+}
+async function rsaDecrypt(encryptedBase64, privateKey) {
+  const data = base64ToArrayBuffer(encryptedBase64);
+  const decrypted = await getCrypto().subtle.decrypt(
+    {
+      name: "RSA-OAEP"
+    },
+    privateKey,
+    data
+  );
+  return decrypted;
+}
+async function exportSessionKey(key) {
+  return await getCrypto().subtle.exportKey("raw", key);
+}
+async function importSessionKey(raw) {
+  return await getCrypto().subtle.importKey(
+    "raw",
+    raw,
+    SESSION_ALG,
+    true,
+    ["encrypt", "decrypt"]
+  );
+}
 function arrayBufferToBase64(buffer) {
   const bytes = new Uint8Array(buffer);
   if (typeof Buffer !== "undefined") {
@@ -573,6 +648,68 @@ var Wolfronix = class {
     }
     return this.request("DELETE", `/api/v1/files/${fileId}`);
   }
+  // ============================================================================
+  // E2E Chat Encryption Methods
+  // ============================================================================
+  /**
+   * Get another user's public key (for E2E encryption)
+   * @param userId The ID of the recipient
+   */
+  async getPublicKey(userId) {
+    this.ensureAuthenticated();
+    const result = await this.request("GET", `/api/v1/keys/${userId}`);
+    return result.public_key;
+  }
+  /**
+   * Encrypt a short text message for a recipient (Hybrid Encryption: RSA + AES)
+   * Returns a secure JSON string (packet) to send via chat
+   * 
+   * @param text The plain text message
+   * @param recipientId The recipient's user ID
+   */
+  async encryptMessage(text, recipientId) {
+    this.ensureAuthenticated();
+    const recipientPubKeyPEM = await this.getPublicKey(recipientId);
+    const recipientPubKey = await importKeyFromPEM(recipientPubKeyPEM, "public");
+    const sessionKey = await generateSessionKey();
+    const { encrypted: encryptedMsg, iv } = await encryptData(text, sessionKey);
+    const rawSessionKey = await exportSessionKey(sessionKey);
+    const encryptedSessionKey = await rsaEncrypt(rawSessionKey, recipientPubKey);
+    const packet = {
+      key: encryptedSessionKey,
+      iv,
+      msg: encryptedMsg
+    };
+    return JSON.stringify(packet);
+  }
+  /**
+   * Decrypt a message packet received from chat
+   * 
+   * @param packetJson The secure JSON string packet
+   */
+  async decryptMessage(packetJson) {
+    this.ensureAuthenticated();
+    if (!this.privateKey) {
+      throw new Error("Private key not available. Is user logged in?");
+    }
+    let packet;
+    try {
+      packet = JSON.parse(packetJson);
+    } catch (e) {
+      throw new ValidationError("Invalid message packet format");
+    }
+    if (!packet.key || !packet.iv || !packet.msg) {
+      throw new ValidationError("Invalid message packet structure");
+    }
+    try {
+      const rawSessionKey = await rsaDecrypt(packet.key, this.privateKey);
+      const sessionKey = await importSessionKey(rawSessionKey);
+      const plainText = await decryptData(packet.msg, packet.iv, sessionKey);
+      return plainText;
+    } catch (error) {
+      throw new Error("Decryption failed. You may not be the intended recipient.");
+    }
+  }
   // ==========================================================================
   // Metrics & Status
   // ==========================================================================

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolfronix-sdk",
-  "version": "1.3.0",
+  "version": "1.3.2",
   "description": "Official Wolfronix SDK for JavaScript/TypeScript - Zero-knowledge encryption made simple",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -62,4 +62,4 @@
       "optional": true
     }
   }
-}
+}