Skip to content

Jose-Simple allows the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.

Notifications You must be signed in to change notification settings

davesag/jose-simple

Repository files navigation

jose-simple

Proper encryption ought to be simple, and widespread.

Jose-Simple simplifies the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.

NPM

Caveats

Installation

npm install jose-simple

Links

Usage

const jose = require('jose-simple')
// You need a private / public JWE key pair.
// Either load them from `.pem` files, create them, or somehow acquire them.
// The private key must not have a passphrase or cypher!
// see https://github.com/cisco/node-jose/issues/69#issuecomment-236133179
// see also https://github.com/cisco/node-jose/issues/234#issuecomment-457615794
// see unit tests for a simple example.

const { encrypt, decrypt } = jose(privateKey, publicKey)

const someData = {
  some: 'amazing data',
  you: 'want to keep hidden',
  from: 'prying eyes'
}

encrypt(someData).then(encrypted => {
  console.log('encrypted', encrypted)
  decrypt(encrypted).then(decrypted => {
    console.log('decrypted', decrypted)
    // decrypted will be the same as someData
  })
})

Options

See encrypt.js#L660-L668

You can add encrypt options as follows:

const { encrypt, decrypt } = jose(privateKey, publicKey, {
  format: 'compact'
  protect: true,
  // or any of the encrypt options than can be passed to JWE.createEncrypt.
  // https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L660-L668
})

Development

Branch Status Coverage Audit Comment
develop CircleCI codecov Vulnerabilities Work in progress
main CircleCI codecov Vulnerabilities Latest release

Prerequisites

  • NodeJS, I use nvm to manage Node versions — brew install nvm.

Test it

  • npm test — runs the unit tests. The tests give an example of how to create key pairs too. (Leverages the crypto.generateKeyPair libraries introduced in Node 10.12.0.)
  • npm run test:unit:cov — runs the unit tests with code coverage

Lint it

npm run lint

Contributing

Contributions are welcome. Please see CONTRIBUTING for more details.