This code is a JavaScript module that provides functions to encrypt sensitive data using both asymmetric (RSA) and symmetric (AES) encryption algorithms. The purpose of this module is to demonstrate a client-side encryption process that can be used to secure data before sending it to a server, ensuring that only the server with the corresponding private key can decrypt and access the data.
To run this code, you need to have the `node-forge` library installed in your project. You can install it using npm:

```bash
npm install node-forge
```
The `encryptAESKey` function takes a symmetric AES key (`AESKey`) and the server's public RSA key (`publicKey`) in PEM format. It encrypts the AES key using the RSA-OAEP (Optimal Asymmetric Encryption Padding) scheme and returns the encrypted result in Base64 format.
The `encryptText` function takes plaintext (`text`), a symmetric AES key (`key`), and an initialization vector (`iv`). It uses the AES-CBC (Cipher Block Chaining) encryption mode to encrypt the `text` using the provided `key` and `iv`. The function returns the encrypted result in hexadecimal format.
`encryptPayload` is the main function, which encrypts the payload data before sending it to the server. It takes a JSON `payload` object containing sensitive data (e.g., username and password) and proceeds as follows:
1. A random symmetric key (`symmetricKey`) and initialization vector (`iv`) are generated, each consisting of 16 bytes.
2. The server's public RSA key (`serverPublicKey`) is used to encrypt the `symmetricKey` using the `encryptAESKey` function.
3. The `payload` data is serialized as a JSON string and encrypted using the `symmetricKey` and `iv` with the `encryptText` function.
4. The result of step 3 (encrypted payload) is combined with the `iv` and encoded in Base64 format, creating a single string representing the encrypted payload and IV.
5. The encrypted symmetric key (`encryptedSymmetricKey`) and the combined result from step 4 are returned as properties in an object.
Please note that the server's public RSA key (`serverPublicKey`) used in this code is provided as a static string for demonstration purposes. In a real-world scenario, the server's public key should be fetched securely from the server or some trusted source.
To use the `encryptPayload` function, simply import it into your code and call it with the appropriate `payload` object:
```javascript
import encryptPayload from './path/to/EncryptPayload';

const payload = {
  username: 'example_username',
  password: 'example_password',
};

const encryptedData = encryptPayload(payload);
console.log('Encrypted Data:', encryptedData);
```
Please ensure that you have the `node-forge` library installed and accessible in your project when using this code. Additionally, use the encrypted data (`encryptedData`) to make the API call and send it to the server. The server will then use its private key to decrypt the symmetric key and subsequently decrypt the payload data securely.