Skip to content
/ jose-simple Public

Jose-Simple allows the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.

codeburst.io/securing-tokens-with-help-from-jose-33d8c31835a1
63 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

davesag/jose-simple

BranchesTags

Repository files navigation

jose-simple

Proper encryption ought to be simple, and widespread.

Jose-Simple simplifies the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.

NPM

Caveats

Installation

npm install jose-simple

Links

Usage

const jose = require('jose-simple')
// You need a private / public JWE key pair.
// Either load them from `.pem` files, create them, or somehow acquire them.
// The private key must not have a passphrase or cypher!
// see https://github.com/cisco/node-jose/issues/69#issuecomment-236133179
// see also https://github.com/cisco/node-jose/issues/234#issuecomment-457615794
// see unit tests for a simple example.

const { encrypt, decrypt } = jose(privateKey, publicKey)

const someData = {
  some: 'amazing data',
  you: 'want to keep hidden',
  from: 'prying eyes'
}

encrypt(someData).then(encrypted => {
  console.log('encrypted', encrypted)
  decrypt(encrypted).then(decrypted => {
    console.log('decrypted', decrypted)
    // decrypted will be the same as someData
  })
})

Options

See encrypt.js#L660-L668

You can add encrypt options as follows:

const { encrypt, decrypt } = jose(privateKey, publicKey, {
  format: 'compact'
  protect: true,
  // or any of the encrypt options than can be passed to JWE.createEncrypt.
  // https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L660-L668
})

Development

Branch Status Coverage Audit Comment
develop CircleCI codecov Vulnerabilities Work in progress
main CircleCI codecov Vulnerabilities Latest release

Prerequisites

  • NodeJS, I use nvm to manage Node versions — brew install nvm.

Test it

  • npm test — runs the unit tests. The tests give an example of how to create key pairs too. (Leverages the crypto.generateKeyPair libraries introduced in Node 10.12.0.)
  • npm run test:unit:cov — runs the unit tests with code coverage

Lint it

npm run lint

Contributing

Contributions are welcome. Please see CONTRIBUTING for more details.

About

Jose-Simple allows the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.

codeburst.io/securing-tokens-with-help-from-jose-33d8c31835a1

Topics

json jwt base64 encryption signing jose decryption

Resources

Readme

Security policy

Security policy
Activity

Stars

63 stars

Watchers

7 watching

Forks

4 forks
Report repository

Releases 14

Version 1.3.1 (upgraded node-jose) Latest
Jul 30, 2022
+ 13 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 5

Languages