RSA 4096 Asymmetric key encrypt/decrypt example
import { JWK, JWE } from 'node-jose';
// Build an in-memory keystore holding two freshly generated RSA-4096 key pairs.
// Both keys are tagged for encryption (`use: 'enc'`) with RSA-OAEP-256 as the
// key-management algorithm.
//
// NOTE(review): `expires_on` is stamped with the current Unix time, i.e. the
// moment of creation, so a consumer that honoured the field would treat the key
// as already expired. Nothing in this script reads it back, and it does not look
// like a registered JWK parameter; confirm what it is meant to express.
const encryptionKeyProps = (kid) => ({
  kid,
  alg: 'RSA-OAEP-256',
  use: 'enc',
  expires_on: Math.floor(Date.now() / 1000),
});

const store = JWK.createKeyStore();
const alphaKey = await JWK.createKey('RSA', 4096, encryptionKeyProps('258df19c-f3bf-4f39-8829-a9adbd97d7d7'));
const betaKey = await JWK.createKey('RSA', 4096, encryptionKeyProps('d955c2af-82e3-4e58-ae70-aa1afa8baf63'));

// The keys are created through JWK.createKey() rather than through `store`,
// so they are registered with the store explicitly here.
await Promise.all([alphaKey, betaKey].map((key) => store.add(key)));
const plaintext = 'potato';
// `compact` means a JWT-like dot-separated string. `flattened` means an object format.
const format = 'compact';

// ENCRYPTING WITH THE PUBLIC KEY ONLY
// toJSON(false) exports the JWK without its private members; that is all a
// sender needs in order to encrypt for the key's owner.
const alphaPublic = alphaKey.toJSON(false);
console.log('> Public Key:', JSON.stringify(alphaPublic, null, 2));

const publicEncryptor = JWE.createEncrypt({ format }, alphaPublic);
const publicEncrypted = await publicEncryptor.update(plaintext).final();
console.log(`> public encrypted (${format}):`, publicEncrypted);

// Decryption goes through the keystore, which still holds alpha's private half.
const { plaintext: publicRecovered } = await JWE.createDecrypt(store).decrypt(publicEncrypted);
console.log('> public decrypted:', publicRecovered.toString());
console.log('');
// ENCRYPTING WITH THE FULL (PUBLIC + PRIVATE) JWK
// toJSON(true) exports both halves of the key pair, not the private key alone.
// NOTE(review): RSA-OAEP encryption needs only the public components, so this
// presumably produces the same kind of JWE as the public-only case above;
// the private members are not required by a sender.
const alphaPrivateAndPublic = alphaKey.toJSON(true);

// This line writes the private members (d, p, q, dp, dq, qi) to stdout. Keep it
// to throwaway demo keys: anything captured from the console or a log sink can
// decrypt every message addressed to this key.
console.log('> Public and Private Key:', JSON.stringify(alphaPrivateAndPublic, null, 2));

const privateEncryptor = JWE.createEncrypt({ format }, alphaPrivateAndPublic);
const privateEncrypted = await privateEncryptor.update(plaintext).final();
console.log(`> private encrypted (${format}):`, privateEncrypted);

// As before, the keystore supplies the private key for decryption.
const { plaintext: privateRecovered } = await JWE.createDecrypt(store).decrypt(privateEncrypted);
console.log('> private decrypted:', privateRecovered.toString());
console.log('');
// EXPORTING THE STORE AS JWKS
// Passing `false` exports only the public members of every key in the store,
// which is the form intended for sharing with parties that encrypt to these keys.
const publicJwks = store.toJSON(false);
console.log('> JWKS:', JSON.stringify(publicJwks, null, 2));
@renatoargh

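Output of the script above (the second key dump includes the private RSA parameters `d`, `p`, `q`, `dp`, `dq` and `qi`, so this key pair is usable only as a demo):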

> Public Key: {
  "kty": "RSA",
  "kid": "258df19c-f3bf-4f39-8829-a9adbd97d7d7",
  "use": "enc",
  "alg": "RSA-OAEP-256",
  "e": "AQAB",
  "n": "ynFwSkQSobRMeZ-1Z7zbTRLD-QxDfK8Ya7KkUlo9sGaZ0xXuQCL9SX2Nvua7nIX4NKld8t1u9QZZA3PZGAxmgML2tPcPjVGCBIOjPlrZpmNUB_aeNH9Ug7vrFUsEqMBOa69WYygGxHYbWM5rQqU0ylMlKQ5Z7lYSDsRKLwdtozjl5CDL9mre7qZWGqH1tK5PkdJECQph9tXrD3PYyKm1sFd6Dx7F5vJQt7bE0YXLd-tdJ1z6a_J7wnKl6O-ShZ3oKGC8qY0g9jxbBmtHD2wC6oXiY2aTn1Q92yQ191e-XjYghGd22DiLGvp8O4eBcB7e70l-j_ntNOkxXo3fvBLDWg4MaEpVpr6P5pjxQN9FWBMR9Yzz4cAM62oCGiKODiXe18y9L5jVkxzSkHv3Jg-oL6CsZnJjW5qcggp5Lgo3-OrZhcujxdCPUXu1ZafZ7sCP4kQmjwMeJqgBih_StV8derJkCGYy0jjC69oqTBiGCSDPs4VbPLCIT79xqjUgqjTn6ytnlqGNCDeEA_T0s4Dy2TjyKcq2AdC20HzIcyvmEAxjmbFibvHM0snOf7vem_tMq8nVNwW7IjG0j72eD3FdwPEfheDTLpZR88m1R3A04zx6cQs3GbjmO4Cz5911DGoQAea0K8tGnMDgSHJfMSIMRX-GEUpTpikxrZjx8JyD_C0",
  "expires_on": 1681421710
}
> public encrypted (compact): eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiUlNBLU9BRVAtMjU2Iiwia2lkIjoiMjU4ZGYxOWMtZjNiZi00ZjM5LTg4MjktYTlhZGJkOTdkN2Q3In0.Nz14X2ArlyrI3126DthqrxRXPx4ji2GXaFCpUPMomg9DBdvscWMfis6aX0zTBukifBPO4iI4JpeB84PwM3iEtc5_Ct8HgL7VmYSAWRmJnpvG6q3_SCC7SpQ7vApRRlPkz7hFB_rvTf2eu10eBi8qa5hhul7xTyc9B1-WNaD96fiYvfm-XpKExsYxnOL_JdXVrRkJdL5K6HcQ09zOPxEN64VEUF4CYArX52LqqlKQVQL2TpHvOsF5UjUaWNtrFCDG_VyFG4MUA2YuIRdMkCB9FiWr34UOqt8LzwNfDrYaw3FRueiKOxTJ8M7No2XvFZpZAVET8OxVeLn8qYDzlDpFlG-4l2PiaAWPF5_mMV5pug0eHmNtfzQRGHPKVcyY4WHMsBXNKp_ZQFG1gL4MwlXJv9H1M7XtDDDZArohK7LTkpnnh4VZpjgA_TeqlqMFG4wMyxAgB2_GjndlHjFa7AQx9kKRVU14RilWVQGpGEyBGePlvUVeCQsu0GrGWrknzjoEVYrwXF-LovIwJdtt8tXHnzX2HYAKamXUVgx0OD3-cp6wcXGqgvngL-HLL6aFxGT97m5eomchmGpj-Y4UXf_q52-5Q9JABFzMyvNLp7HE7OYCSL90iWK69OgAipEugW_rQ-dz3Y5ypq1NuNLaYSl_Tae5jXIwxQieTppffcIeXg4.sJ0VtWJyFwmHZ81HLqtZag.8IIS3WLUazLDQpi431bHSw.P-5Y6DWp-ccOs_dpaIsSig
> public decrypted: potato

> Public and Private Key: {
  "kty": "RSA",
  "kid": "258df19c-f3bf-4f39-8829-a9adbd97d7d7",
  "use": "enc",
  "alg": "RSA-OAEP-256",
  "e": "AQAB",
  "n": "ynFwSkQSobRMeZ-1Z7zbTRLD-QxDfK8Ya7KkUlo9sGaZ0xXuQCL9SX2Nvua7nIX4NKld8t1u9QZZA3PZGAxmgML2tPcPjVGCBIOjPlrZpmNUB_aeNH9Ug7vrFUsEqMBOa69WYygGxHYbWM5rQqU0ylMlKQ5Z7lYSDsRKLwdtozjl5CDL9mre7qZWGqH1tK5PkdJECQph9tXrD3PYyKm1sFd6Dx7F5vJQt7bE0YXLd-tdJ1z6a_J7wnKl6O-ShZ3oKGC8qY0g9jxbBmtHD2wC6oXiY2aTn1Q92yQ191e-XjYghGd22DiLGvp8O4eBcB7e70l-j_ntNOkxXo3fvBLDWg4MaEpVpr6P5pjxQN9FWBMR9Yzz4cAM62oCGiKODiXe18y9L5jVkxzSkHv3Jg-oL6CsZnJjW5qcggp5Lgo3-OrZhcujxdCPUXu1ZafZ7sCP4kQmjwMeJqgBih_StV8derJkCGYy0jjC69oqTBiGCSDPs4VbPLCIT79xqjUgqjTn6ytnlqGNCDeEA_T0s4Dy2TjyKcq2AdC20HzIcyvmEAxjmbFibvHM0snOf7vem_tMq8nVNwW7IjG0j72eD3FdwPEfheDTLpZR88m1R3A04zx6cQs3GbjmO4Cz5911DGoQAea0K8tGnMDgSHJfMSIMRX-GEUpTpikxrZjx8JyD_C0",
  "d": "cSpGhg1ViPU7xsVDZ9EHmicCS8bSNvG-Kf37o1l0oJZKKNhajZnBkwJPaUab25x8Khv_O5MSwn-g5LAuzCWqaxIRTQnKtMm6b4GSkHnCryNZRvZSa7A980Hp4MZFvXt6mvGxzc4DMnF_Sf5hsSiewPcHj9LI7NVKVNzfRzjUzegxgnve6EnHgwqSmWKt8il6q14p0A_wwUXFl6a_qTRNL11HCwq9wCL2giv2C9XJ7qgwM5_jENLE4eaq3fKGKpEhxOiGrhUJNvx4ObdgSrurSaQ78CrYHLm_ti-gxzpSXWHOfZVEtwusnxEkvzY5Yg6vun2P9TXVpr0wbtXKGt02O7KxjiPb6K19bSTBi1SS-UAc16j-ZEiE8iBXC90x4mOvp9YupY-1fn07bBNQgq_Wy1IjMx0psgRgkejRkN7_6C5n7GY-fjNvvsOT_tjxVvFNTh1_0JFuxjFwjGM5qfynD0oDAsxAmBuMODKTypzC1AF587WRNh3rkGPCMeC2w2MSGh5hta0R6S_q3hLhpOnMiBNZlApFCN9ZTQjwPzuF-nWct0_BtnM-yQwU8qikX-yJoVW8jTLE1sYq_ZVJbAqgM2I7X2ZbqL1nABkYXHvtYKrhVFNdOsteoOLaBpBPCEuJlds91DcdhkkOzszb3SWmkxkBKwO7lBfkdT4cg-5l6fU",
  "p": "96FqQQr2LkVGfG6fc6N2M7bo8QqRU4nYdAMceVNM74mK5bTE_3lNHtajpSr_0BSKJx73Xk8NTQYIqOFXxk_uaif-Pj0mV6r2I_9s9nvqAl9h9urOxpeunbCMKwc697Q-kGN2qO2o6jTn7-OaETulzwdsCPYC_prAtNvUkfEJEV5Z0yns4l54GHn2Fqsud2PpZOMW3uZOHM1DP8MUlyP5BlGu8UT7u-yQsPoEmxSLsGhQ7bfu5UUlSE36EJYMFxhghT9kU6cYtIxVOSTzpl_X7RjaK5GHPDDiTbPylwgISeHaD3v8EK5Xc7UmNJ2Uw4765OtxqcKFiwx64hWRyLlSzw",
  "q": "0UkL53-HMVjJDxTxDZ2bYqnsOLKOLuJwlQnT3XHLQbywY8F04C6UFVL6SRf7SNpupgpeM0KtDs_SSr1Qo7t-ALQGiNFNqnprZ8qjeCudrnxr2YBF-af23IF9KikkT7cGKkYULDpANH6oY8DJLq9dM_Ve3RgIY0grB2ih9LdBiDxkgBDbRzs1jYmuLavRudZ6tne-A0aphNAex5ojwIAqqZWjeJZTEQ4sX2hIacGY7wMIURW4qfe05t9tZyjjfqJUOXzgz5WYKbwT1Y04fB8KmHQFmSnUiDp45Iw-S7uBpsnD78NVFhpBhiA2dZzQD8e6UI8QxKtDYQhdgsvH7NuwQw",
  "dp": "WKp5SzTLlSHE7UUG3vcGmdnCapxoEMtor5F1npOPFq3fCATEDN24GXStP7S3yB-yn_Nci24uyweADkgxj5aLPYN4a3ylv_o9DAKnV1JjJdpVT34f78fcBCZ06es61_q39CdJE4-VTdcHvUN3pPgAlLKJomPECroKije0U1VE8-0eqJd4dE1zHwB8dv1wM9uYdEFDrSg1i-aLT8dgFgYRYovY4hbbNByuak_7WjPvGIkhgRy882bgxJT3Fv1C8voNhWh_WdyY4fzlfwKWI1pqDEE7zSHclFbEkSH_mMiNfzbZR3YTeT2TnqCcP3a1D5igiVssZaZ6_qDHVzB19LM2zQ",
  "dq": "ZBJCj_Ipyc3DbeO8k58eEqJfooi2dfKulIU7ejKUVx2LVlfFtABxrHSd2t-NtztDFz_z5RzntSJoUnaNnYzkZh-u1DMIqRCaVOnPGoH4httVko3EZ-kJoEyGdedwRnGkkAgsUy2TT8aUbAZd7GXL8jFMp_l64UY71PISJvqNakA-agIlZ70HEWOZFpuG0A6fZKqC__wEyM3fOeAZYk2mmKpFnT57_7bAPuqVXYRFxVu02VjCkPsx1AdXv7EMfpvOHCL7OCc2uBYHgeBh9u-82EL5_k_DIVScQ-RPUVUaXI8zkmzbPZNWa3TxtXFDB5igHS8bfH7L3BTs6cLZGQe_Ew",
  "qi": "J3iGlWmIGxX693V11XGEwTr1a0_n_HCXcDFccxO2gPfLVmM6TN-JG-iodrMiFt_KNuWTUFIkfjHOUqwvNorTZc21k-KXEIDa6hHa7PzHK58Mz5ilHWm6tLyP-PPQpTBsYW6vxNSbxtbQ13eV73bjF6y2-9im9-8fY5El7CJPHTzWd3n33QTxpGwzjO3MgySyOlchs4Uj_8S0U8XiIhRoztMiFiKpIj7NHp30zSvJBGLrGQLCU_quc_J7WR8ZOIux34bK8R8mtQMe3AdLEd2ju8Co07T0LsHEDQGXngEAXqae5DO7qz_UBAMAc6eoXxmzgs-oRotFMYVUn0_sS4cBiQ",
  "expires_on": 1681421710
}
> private encrypted (compact): eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiUlNBLU9BRVAtMjU2Iiwia2lkIjoiMjU4ZGYxOWMtZjNiZi00ZjM5LTg4MjktYTlhZGJkOTdkN2Q3In0.LEgoOtGU6Put324w2qnWItDWV3pk1QaDUmbWkxCTOVJsX4L72mcY7GszGjOK8VjOdXXarAN31e1nrPUlNhUeH2APIZsa4lYD80JjatbIzi6WLzbYIzliw9w0NayMbu9H-JA5NRE-twJYee-o2MiSlARsV96UYCqpGrtCKFhzahWt72-cwFn-nHrF4lOR70h7b5j8xC4fq8E7ZydXDL7HfXtt9a5BniE5jxqr9R_6tLaU84AmUsMOQ6Jw5T3aV9kMTBAYg-syMg_7kfmJRzScZq_6dOXwD7Z3wDliu8q8liUYdHWDLbvurvpTKNXP4TW4CRofpV_Xw62ZBN8I3PhgQqq0Q81w8YFhZgims4qRm4Frj33lFuWEfq8xOP73XdEJbfbgCCOVnpopEeK-2N_BOnGr3tXOH-bZBJwigsdLJEBEsiAYBwYtUd50ctkZeT1HVo9kbx1Xx7uGjCWXU_6Y80rad6zie-CLFjUy7XuBPiuznzuA5p0F9oggFq2JEWvLWt1fwfK89NGtZK5FxK0PAr4SVOd0253SzrVqbjgojI2uiD3R07zP7gBvqu0VVB07sD18JRPwdUwBUxV88RPt4H9-0yIMBxonRTsSdcGW5MNmUvgRcNgysLr1k0mDrRvaAJGN5Qng4mixcK7qFfo5CgDCgJd2-BJ7mLOL8agPcHY.gWGJ3rIAjStahELs_IqAVQ.p8cvozpZ1lYHRO5eJ-UOfw.u_LRxr2aCzLd11S55j7YQw
> private decrypted: potato

> JWKS: {
  "keys": [
    {
      "kty": "RSA",
      "kid": "258df19c-f3bf-4f39-8829-a9adbd97d7d7",
      "use": "enc",
      "alg": "RSA-OAEP-256",
      "e": "AQAB",
      "n": "ynFwSkQSobRMeZ-1Z7zbTRLD-QxDfK8Ya7KkUlo9sGaZ0xXuQCL9SX2Nvua7nIX4NKld8t1u9QZZA3PZGAxmgML2tPcPjVGCBIOjPlrZpmNUB_aeNH9Ug7vrFUsEqMBOa69WYygGxHYbWM5rQqU0ylMlKQ5Z7lYSDsRKLwdtozjl5CDL9mre7qZWGqH1tK5PkdJECQph9tXrD3PYyKm1sFd6Dx7F5vJQt7bE0YXLd-tdJ1z6a_J7wnKl6O-ShZ3oKGC8qY0g9jxbBmtHD2wC6oXiY2aTn1Q92yQ191e-XjYghGd22DiLGvp8O4eBcB7e70l-j_ntNOkxXo3fvBLDWg4MaEpVpr6P5pjxQN9FWBMR9Yzz4cAM62oCGiKODiXe18y9L5jVkxzSkHv3Jg-oL6CsZnJjW5qcggp5Lgo3-OrZhcujxdCPUXu1ZafZ7sCP4kQmjwMeJqgBih_StV8derJkCGYy0jjC69oqTBiGCSDPs4VbPLCIT79xqjUgqjTn6ytnlqGNCDeEA_T0s4Dy2TjyKcq2AdC20HzIcyvmEAxjmbFibvHM0snOf7vem_tMq8nVNwW7IjG0j72eD3FdwPEfheDTLpZR88m1R3A04zx6cQs3GbjmO4Cz5911DGoQAea0K8tGnMDgSHJfMSIMRX-GEUpTpikxrZjx8JyD_C0",
      "expires_on": 1681421710
    },
    {
      "kty": "RSA",
      "kid": "d955c2af-82e3-4e58-ae70-aa1afa8baf63",
      "use": "enc",
      "alg": "RSA-OAEP-256",
      "e": "AQAB",
      "n": "tzxmhBQZdlcal9eT3wQKs6SgQapQmDiUXYPln6j-0hf1dL2Qz2JpuBoqtlzqzHYoBbchZZee3tgfSfd70ULLIgJGnoD-mivlPS22ERNm9Q2L4m640dHUGaGnnwyHAV-XecYm_PmxA0UoxsvuK8LiJ2EwJ8hxwqXTzj1psuECj3T2O32db-eWIKeAz0-gPKJ6GUf6fnU2iYPBUxxyexPdNmfYQ9xkGNg6rQHpty6r5IbMxTF93ngPJCvgjJ_FB43G9uTELid_4gvd90-ngkgqjK3Bl8fNqbsbrwTkMExqC9LNcIbDkKmuZ5JROlPc7lLoe8IbekBJPOOw2FrNHgecpI5I3pWU5wX_xAdVrl_HE54g0y_SXwQrGLwmU1j94r9BlkJAuEamVt8acQ8daX7M8EhRPXQtZFFmgjh7oKvhNBqPzyXp7gxXAzJjvU9u8YDdZiGqvy9uG0658BoAKtZ1gjtGfVB9uP40xsYl2FFf09wMYIyCj7upi5q3-POFX12WQGwU413UNeJl5NIpyMfBY71V4MsPdC8szQc1jK0RhbON3WjT7UNcsFMBgDJn9ppMiUn8gMylooWvhsTGg-MQXALEhkSy-F0mPeceTw_AvNjWEYRKXdNgXtlsi5YevY-dI68FQ2Lw_SFRkfcXcDA80AFaCTL6ZhjKsclbXSp4NPc",
      "expires_on": 1681421710
    }
  ]
}
