Created
January 29, 2021 01:24
-
-
Save AdamJLemmon/7250eb4dd40e456076f5d43e5ad5894d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Standards Referenced: | |
* JSON Web Encryption (JWE) https://tools.ietf.org/html/rfc7516 | |
* JSON Object Signing and Encryption (JOSE) https://www.iana.org/assignments/jose/jose.xhtml | |
*/ | |
const crypto = require('crypto') | |
const base64url = require('base64url') | |
// The location of the document within some third party service that will host these documents | |
const DOCUMENT_URL = 'https://example.com/docs/VRdqHY1xwB' | |
const DOCUMENT_ACCESS_TOKEN = 'd2925f29fcd7' | |
const JWE_ALG = 'A256KW' | |
const JWE_ENC = 'A256CBC-HS512' | |
const ENCRYPTION_ALGORITHM = 'aes-256-cbc' | |
const IV_LENGTH = 16 | |
const KEY_LENGTH = 32 | |
/** | |
* | |
* @param {Object} jwe JWE JSON Serialization https://tools.ietf.org/html/rfc7516#section-3.2 | |
* @param {String} key The shared secret to | |
* @returns {Object} | |
* @param {String} plaintext | |
*/ | |
const decrypt = ({ jwe, key }) => { | |
const ciphertextBuffer = Buffer.from(jwe.ciphertext, 'base64') | |
const keyBuffer = Buffer.from(key, 'base64') | |
const ivBuffer = Buffer.from(jwe.iv, 'base64') | |
// Note pull alg and enc from JWE header and interpret how to decrypt in practise | |
const decipher = crypto.createDecipheriv(ENCRYPTION_ALGORITHM, keyBuffer, ivBuffer) | |
const decrypted = decipher.update(ciphertextBuffer) | |
const decryptedBuffer = Buffer.concat([decrypted, decipher.final()]) | |
const plaintext = decryptedBuffer.toString() | |
return { plaintext } | |
} | |
const run = () => { | |
const jwe = { | |
"protected":"eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0", | |
"iv":"YONQKP1JUiNadFeVhvGd4g", | |
"ciphertext":"PiLMGjiznuBkYzNICYlqaG78MkexhYKEjwnw7aavUUkr2spsL21_lonjdA9vSSQBq0WLnqtdd3BMEuwNsYhPWrsF9-PFv0ZeAdEPShj17FdB5pptIQxNosGK_EzCxXhfx_3tu8nSN26wLiToPZmjKNopjvXrNZcr8_YgUiIkrF62y6Xs0Zk4Veg4iu5cqJxccFeM3SDauCy-zn6FXw6BMiLmyhuYl9UbLhXGCSK5AHS6Hhmam_xr4JPfrLmbe9kA8GRJXkqVX5bXGN4VWIfmGbXAG8RaRycPE0yRCiARCVSa5rYWu--aMc4j3UePlGsNxxRdX_u-Vbo8cA2AgpQhvPplFTIChT3IAJJv9t_2EZ9epPT_Y0a1EEELN1vD08Y5Vb89LUWDW6W1p9rsL7DlifCjZmBquWfoASWlNZF5zXSEK8UIFunw2cb78UgdIBnnp1y2D268HB98CmZD7Wc4uDzpTAXhppg32XFaMYZeOqbfy2WwomDrrCiCY6WLvjrlkN29VKYtGu_KaNnJaKtBk8lWN9KwriUOFPjxEzBG4gHO5mhl-cdY8jqJDs2JBvMqVfurEAjF0lwMo01tVXGsQMjBwSrIdXTsj_hJaamoQdkVzAfCNZcpHCUbafpk_2xP8Wtzm7jy2TRv_6NVWWjiAYuyL0Pu1E8Luolt0V54Pvr25NJTAscx9bEc3KYaX8tkwo6rcDupLeqrxZLZ9HKFGZ8R6PZ8YqyhKcQFAXGaDwlNpwroVpZdnYmy-hWTnavOKXSFA6iIgozAVcDT4GL5iUEjzSmGLN17e1U1bgdW2EhPVhOS-nhLFaqfEgxmaaLfYBvVxUQ6ngYXce0noU1ACHnwekhFlr6odR71bkyRQn9C_LVrOBHZTvUojrC4hQg3SdeQMMv3r_gLwo5RLK72K4P_G87SMTtBSH8L7uwlJ40ATgL916y3HA31REq2AmZQiFUuInFWa_71qE6bX-8bFzGPsc228zDqZusXcjOSVwn-ap_JHPZX8Y7dt8Lha8mAWC8R7Ckr9bXNvyOjeQe1R8Fqr-OY_Cfmz1Mdn3RIi62rK0T0cyBvfJsqCC2uDPOQtLRgEpbhKEpR6ShFEApogvZoCUijpzLnEIHL-R4AwslMh3h3gwsR6elg5wvjUAC95_Uz6mxVPbyW-x-3zdMIZF2euptyepKQFtThAbw_39QUwcCVJZw-cSz8IKOMtfWwZ8JHcHxyUpiC8GO_OarCPOa6ZlBtuPvORSGRAbJ_Pth6mPlPNVV37ps3RJ8c98vk2wB_a4UpAMpOTlSlo-wSuFFjLGlnCs224E4MdYDw1pfh5vBWSIWwYiVIRKC-ITWQWOJVM17prZn9f7ERF1rWJSOTsAVMdI6tktKKvaKmmXvMZKVC5KfcyPOVRuJNU5lMtwNXAzE33Ze_V0McbKH923NfYKY9weBIAZmhUpp6w3aXvKzLFvR88RenPvpNb6HlufZXonqmjaF8a699WU7ucUG2DzikUWf2ffEeFw4LKn-Em8uWIJhoWiwWPfKOynoZAFyTsWx8FXKA_XL6QgWWvohfiw9bX30uRHR9biyUzxtvaiOryA79wBMgPq6jR3D_1NXosCgl-lqXGV4bNvEFulVaPq6puSZJrtNMx3cCyG70kNi6JGGRsfm1OFT_vwpYPyLBl8DGW_KRb5iabLl1lZrYxQd5qDLJqS6UZbGiDxGDYbrWwnEd_j43UCSSD-VJsWX1wmynctjhMhj3WQ_u7LCwQ-jLOO8A18ZxAJ5fyuk7aXhhXZb9vml0FulYNckDbURsDvRgjBAbesqOIbSac9VDgYbCPFicYK9lggBhv4rIssBoVEuy5-WuaOFpVWuY0iiIOIAo8x-MlwfiLNvVLQFbP776hebmHqjR5enKUVAziwa58A6EWW2Gq6WIICTEChrYBj5DVncnhcdLzCPr8YsTBTtUKPJjU4Ap8h8rt1afGerzDKlq0XTy1JFR0LycLHHzKIQpoMMw_pKxnZp8uwmMIuoEUyiW4X04QsF9_l2MQzpD0myMSo-6P_edvsBJqUaNK9QYgJI8JQBIK-40EDaIGpQuQaZMb35wqKeijVgXp7PyQW97QxLj-1HUs2owJkN3d2UNEB7SC-8kL7YgqdS1WZc9Tb98NhELqveosqClb9aOA3qxqRjWIYJopvAfmBFZ6LGyoURKOYckn76jGdW7KS-hIYuplx-mv0N2YWsT4AjVQUG7Pkzv0rEeKNVeT-LjielvKNVYjMz5BtIEnxWKqlpeZ1THu5aTq4B2_GEY_YRTh4CAEKJaqXiNk01_lRmx_n9hkY_5eg5PBJVYgmRS9KtGZeTXvD3DzXxYANpxaAlMC6O2z4Nl-6sWEklmoQhvHBNSif3c6iD4kmyuGWA3Xsf9-cKVM2D43AdtahfkE5couP17sQ2rp4Hg25X9hQMcFjBS3hcSbKdYjcDxkeno6T_2rD2BYcyQXIT1hy-OB0G8cWYarswA4maYZ6hmlXaRVr6NAA7xMK0Taupx3ou57U25k-ddqSoLU3KXka0hZeW8x-4_yxGZEKlh7MlIre63zo2D-R1yNRFCCfsVx4M-2VAGOgscu6PZKTLjC-tqZHdiF8I4EIkuWRDqIvysZIExIEJJABcJD9NVh6GmSO8a25e7Jrb-v95JXfyuUQaTZfdNXgm_xFGtXHt0tNt8X-IFMtAUAfyJrHbzaWLo0ApT9s0vmTBLY1RTc0-vRP4W-4_c4O9_0CfEG5x0u2uXgHezEEyTEao_2hPDDU8tzA_-EPdbjxUBbT40rR8IndQgpoMDqiC7ZYCyWWXqlUlk0xRrm0Ccpdo9EGddviyK6nU3tkloIozCze8ZbqZBtXf3LbaCoGK4FphPBG5Y0ys8otlLW1xILjTc3aVPHcFmoDkNz-vp5_-Qx8Nks5mFVpFl--JLHnLJF2tYzg3rtSLpVdeObOQ374KXTvqHSSNlWapE-cnxiY7APKWwHJLi06kWms1xt4yP8Gz_1_JTeq5R8GtlGq3p2cy1qZvjX7recQgp4bk6-dOOtR7s0bjHCPcmyvMrSkC0AR4GPd6VWJxoOxmvJAph5Hyyk7FfJqlSgygBz-1chc_41UeenfUsmRQzzN_lD-mKfI_v2dRpu4mS4KDpBz2HGlMqxAjBiFCuRD-NSxw9OH7R-dZkpLPPlXl9txVa4vEzv1LNIRCikLGUnh-VP5w8DsF1UTLXyKgB3W_CpxwWhQSnBkwI_D2xXu4OXDYEbT5H_21YGtxFBh2WK1m8Tu2Q_odstNTdadYj9TxKIMRk-HH-dcrHxmFCeHy5vO9DMW2cwirkssMTJJQbLIaLAj6_YvFosSZp-Qy7hFLxYYsQ_j132DaGgYb57BsxdY9oDcLR6yua7UrvPnaFvI2EUnyeqpnGqJfDPwp5-QayOfitk7kQMlW_Dr-AP8ryNx9u8SVfAzB7X6oAw6Y2kbnYX8EFDtm8G4Q-v1dFDP7WtvEIFv4--BY-Ksrn8qnxT6amxaQa5kOtgL0GotDwvrumMuA9ViEtZJuRDcjeIk1fmxotr67AFoZ7-T0U-qG77k1fxDHXMz4GAOzX-tRsLfao7ulLHuuR9jOFi_Y7SBdOa_4rFE2NgcgoqIm2D1RusvEy33jIwW90SigsKOf5qC1nakAbsMSiSsdQbiIbLFYAcUVv3QZTSPNBqU2ZqnTOdLOLeb9RvFofR4xbL8Cla5emmvMKGcWEtE4pAaI_JoKN0fne4q-hYyGMVc6A9XBUJFI5Xkohbbn31qvPpYDL8CXKvZQpSMkzkJ6ZczLyz4iXUCdPoPMnm45JZMK-i7JxvC3fHK-e2dWoiNXJ42YMvfMNrI_SSKm_JYj2zwbz-PqMcvrojNR0MjPj0UBhl9XwJQaA9zCnl9oMuwQgFDILXay3XtkXkuTUYR3LH5_g3isl3ZBja3qXznNd2p20WsDOOLOxuogNGWJiydbvCJmKMqZGhJzDWeocbph6OIEFkd0w8cRDJLK4nqBlxAWnDMOxRb0W6BB96zmz1mnmBemzG5cM0DxS3eYBTbNZf8iA4YGcW1di8NxoCImXDwm0efLfaO-5wzkW--vcuVF8UikEtAR9nzbormJHES1AprR-jXKMoyiHxb1Wv7MK5i9Rk7JCcR2ERJ_oTtXmOjEG5offGlwb4QW-AmN4eVRhXV39s1KKygQ9CKBih2cvL0BBP5GuCuj-sOeTUML7KBhPaVCZ5WQnMJ1KtmJDsN9qVpfYbnD9dm9kWa580QbTqEQ_DKoOGHyVHJtjbjMql1WiD6vGwHoKTBaiPPV47sY1MzjGkSMUkoz5z6td0reKgc4ZLNEp3ii3zEi2E9mfX_rJlqfzJCActR-FlUU2Z_m6Nenj8mKii31F-_wvonsIOIdBiudZtTBsdRq1-K8k9JnOQi0i-ZYd5YtJVfe4Dv13l1oOBt8zmPLZidKHEi60kI_fkAaqiwiUpYn7enQ45TyzVVOUxCyUap3Xa4Flw-vo9rgG2Q2x4ClcmFqWKW82MCgm6fdTMmXV68bILS6M0tT60poE2b4uqgOQNPG0RcaPB0GIMr2VYuQe6zlss5fyr7jSWEVAbWVSQHZs_AlsSMFu5SIz_46eTq_9Gybu9kq0PYirVLbH9PHMN4u1htOnbMdZ80InH5gyYecbWosusJj_iGEbr9e-i8itqQUfXNloAukvhROcFgANo5APPYg4dyMrXIiNJz90ZtLYi7JFCL8e-hONSAz4PJNTcbIYTHoIIgStpWRLiwfwh8kcNMhUyeJUBOZWAilOBGxNUs-8UCKqvsVrHznNUCjbtQF9vQr0Ow5ixcmqxFjPiCKf6xs3W7Y_tUptt_QoISpIp3AQhw7LiUBjCSrZTT9MXy4KMQCakENj_Gp6fQ2HzeOIbBjvX4QqCnenZKPI8HRlRknH2HOHvN92CawXlIwqMI9KgCauA1dCLt5yyZURrqLpCANpLF5np3iavHjf4D43sdcprrE5y6PniyOvpofwAwi6KdFFN4bsHbqTjBqJtnqxt8xWJZUtMUzCrTKWxSExY00QGU32YIWtYcnq0N-MTzz9IOo0rW7-CQpTynpodNfFwYy3TZiwelokaGdN54Ame8SfTudaLD9StuJjFJJ1GOkukFE3nFzfHO5UXoDolX9dbicHrrGEzQdpsNzMuIo9jOKEG1muSadjYqJKb1IP07WNtd6W78M65bohhnpsvT-iLossF_obhQ75WmvI1vOnaxpDnNuwPKq5k1lCzU0co8fukDw3pYJIadVhDI9rPDlcdY-KZvaGEk3qSwTSPcJ8T8WDptu1HZYHuyYIKYOZW0rtZFlRfAPnHGKU5DzmMi4HYKv1YdlZ27axbM2V7XknEwv-XUTJep7SPozlMooGbgghablFgdzLWJlINNlufHbLOjcvPp7CEFb3d8DWYWPyXgV07Bb4q6c7JqbaO2jVc-aTnC1Gcm9p245nLRerUsjArM6ldnQjISyPsyONuO3oFKtpFeYNFQFVSwhwcvTz6VMjwQkCxCNzSM9NhXPC6UkhkGKLvtA49MBQwCvjkUvX5z_bvI5V5iHssupjq6TgyUmZlRd1z7DhA-41x3vvnp8LtPEu1xfGJKGOoJUwChAmGNlRtWmxmCUj5ssfwMrxEfw8GRs3AhRX3ELsRjj_VAq-4qRQu7MSHgiKJAOzJsDNhdedgQMi5huotSGMh1wNGpX6Z1gSlm92l0f6OTP_knwLBA_Z3Kupo7qGDHXgZRINLI9xWa1LE_IDXIr8igLYThzFbaL2LNX7iWyT3dq7MWHAn5dB41RT85G0FsmpMvvACqVlu2Zcq037vzBAAwuF9O-40VzXyqpzin5lsPj7rOKcGIi8Q1T1rChXBgzRiu1vPuBZZ1T22i_mexG0FijgoJgPiFHOHB0BBiSrkLfGaqc39ycEu_GrFwJ4rYoXRVnrSxXdfpzlRP3PKyKW59NorVc6nCwKlV7guNWpORMhErqJVAo0hC8HmF73VgLt9g9YIgvPG39tEuwm" | |
} | |
const key = "KawwfZezqJ58YijT9fLIcosQKBBiGr8AiQbEvy5dFPM=" | |
console.log({ jwe }) | |
const { plaintext } = decrypt({ jwe, key }) | |
const vc = JSON.parse(plaintext) | |
console.log({ vc }) | |
} | |
run() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment