Static Method Summary
| Static Public Methods | | |
| public static | base64Decode(encryptedBody: string): * | Convert encrypted string to array of Buffer |
| public static | base64Encode(decodedBody: string): * | Convert array of Buffer to encrypted string |
| public static | checkUrlIsValid(url: string, callback: string) | Checks if an input string is a valid URL |
| public static | getCurrentTime(): * | Get current time in seconds |
| public static | readKeySet(keySetPath: string): * | Reads JWK set in JSON format either from given URL or path to local file |
Constructor Summary
| Public Constructor | | |
| public | constructor(clientPrivateKeySetLocation: string, hyperwalletKeySetLocation: string, encryptionAlgorithm: string, signAlgorithm: string, encryptionMethod: string, jwsExpirationMinutes: string) | Create an instance of the Encryption service |
Member Summary
| Protected Members | | |
| protected | | Client KeyStore object |
| protected | | String that can be a URL or path to file with client JWK set |
| protected | | JWE encryption algorithm (default: RSA-OAEP-256) |
| protected | | JWE encryption method (default: A256CBC-HS512) |
| protected | | Hyperwallet KeyStore object |
| protected | | String that can be a URL or path to file with Hyperwallet JWK set |
| protected | | Number of minutes the JWS signature is valid (default: 5) |
| protected | | JWS signature algorithm (default: RS256) |
Method Summary
| Public Methods | | |
| public | checkSignature(body: string): * | Verify if response body has a valid signature |
| public | createKeyStore(): * | Creates 2 JWK key stores: 1) for client keys; 2) for Hyperwallet keys |
| public | createKeyStoreFromJwkSet(jwkSetPath: string, jwkSet: string): * | Converts JWK set in JSON format to JOSE key store format |
| public | | Decrypts encrypted response: 1) decrypts the request body; 2) verifies the payload signature |
| public | decryptBody(body: string): * | Decrypts the response body |
| public | | Makes an encrypted request: 1) signs the request body; 2) encrypts payload after signature |
| public | encryptBody(body: string): * | Encrypts the request body |
| public | | Calculates signature expiration time in seconds (by default expiration time = 5 minutes) |
| public | | Makes signature for request body |
Static Public Methods
public static base64Decode(encryptedBody: string): *
Convert encrypted string to array of Buffer
Params:
| Name | Type | Attribute | Description |
| encryptedBody | string | | Encrypted body to be decoded |
Return:
| * |
public static base64Encode(decodedBody: string): *
Convert array of Buffer to encrypted string
Params:
| Name | Type | Attribute | Description |
| decodedBody | string | | Array of Buffer to be decoded to encrypted string |
Return:
| * |
Public Constructors
public constructor(clientPrivateKeySetLocation: string, hyperwalletKeySetLocation: string, encryptionAlgorithm: string, signAlgorithm: string, encryptionMethod: string, jwsExpirationMinutes: string)
Create an instance of the Encryption service
Params:
| Name | Type | Attribute | Description |
| clientPrivateKeySetLocation | string | | String that can be a URL or path to file with client JWK set |
| hyperwalletKeySetLocation | string | | String that can be a URL or path to file with Hyperwallet JWK set |
| encryptionAlgorithm | string | | JWE encryption algorithm (default: RSA-OAEP-256) |
| signAlgorithm | string | | JWS signature algorithm (default: RS256) |
| encryptionMethod | string | | JWE encryption method (default: A256CBC-HS512) |
| jwsExpirationMinutes | string | | Number of minutes the JWS signature is valid |
Protected Members
protected clientPrivateKeySetLocation: string
String that can be a URL or path to file with client JWK set
protected encryptionAlgorithm: string
JWE encryption algorithm (default: RSA-OAEP-256)
protected hyperwalletKeySetLocation: string
String that can be a URL or path to file with Hyperwallet JWK set
Public Methods
public checkSignature(body: string): *
Verify if response body has a valid signature
Params:
| Name | Type | Attribute | Description |
| body | string | | The response body to be verified |
Return:
| * |
public createKeyStore(): *
Creates 2 JWK key stores: 1) for client keys; 2) for Hyperwallet keys
Return:
| * |
public createKeyStoreFromJwkSet(jwkSetPath: string, jwkSet: string): *
Converts JWK set in JSON format to JOSE key store format
Return:
| * |
public decrypt(body: string): *
Decrypts encrypted response: 1) decrypts the request body; 2) verifies the payload signature
Params:
| Name | Type | Attribute | Description |
| body | string | | The response body to be decrypted |
Return:
| * |
Test:
- utils/Encryption decrypt()
- utils/Encryption decrypt() should fail decryption when wrong private key is used
- utils/Encryption decrypt() should fail decryption when sign algorithm is not found in keyset
- utils/Encryption decrypt() should fail decryption when algorithm is not found in jwkset
- utils/Encryption decrypt() should fail signature verification when wrong public key is used
- utils/Encryption decrypt() should throw exception when jws signature has expired
public decryptBody(body: string): *
Decrypts the response body
Params:
| Name | Type | Attribute | Description |
| body | string | | The response body to be decrypted |
Return:
| * |
public encrypt(body: string): *
Makes an encrypted request: 1) signs the request body; 2) encrypts payload after signature
Params:
| Name | Type | Attribute | Description |
| body | string | | The request body to be encrypted |
Return:
| * |
Test:
- utils/Encryption encrypt()
- utils/Encryption encrypt() should successfully encrypt and decrypt text message
- utils/Encryption encrypt() should successfully decode and encode encrypted text message
- utils/Encryption encrypt() should throw exception when wrong jwk key set location is given
- utils/Encryption encrypt() should throw exception when wrong jwk key is set for encryption
- utils/Encryption encrypt() should throw exception when signing body with key algorithm that doesn't present in jwkset
- utils/Encryption encrypt() should throw exception when signing body with wrong jwk key
- utils/Encryption encrypt() should throw exception when jwk keyset file is invalid
- utils/Encryption encrypt() should throw exception when jwk keyset file location is wrong
- utils/Encryption encrypt() should successfully encrypt and decrypt text message with url keyset path
- utils/Encryption encrypt() should throw exception when not supported encryption algorithm is given
public encryptBody(body: string): *
Encrypts the request body
Params:
| Name | Type | Attribute | Description |
| body | string | | The request body to be encrypted |
Return:
| * |
public getSignatureExpirationTime(): *
Calculates signature expiration time in seconds (by default expiration time = 5 minutes)
Return:
| * |
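The signature step of encrypt(), the verification step of decrypt() and the expiry computed by getSignatureExpirationTime(), as an added example that is not the SDK's own code. It uses only Node's built-in crypto module; signWithExpiry, verifyWithExpiry, the constructed key pairs and the placement of exp in the protected header are assumptions for illustration.

```javascript
// Added example: compact JWS (RS256) with an expiry, built on Node's crypto only.
const crypto = require('node:crypto');

const b64u = (data) => Buffer.from(data).toString('base64url');

// Constructed key pairs: "client" signs, "other" stands in for a wrong key set.
const client = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hypothetical helper. Assumption: "exp" (seconds since epoch) travels in the
// protected header, so it is covered by the signature.
function signWithExpiry(body, privateKey, expirationMinutes = 5, nowMs = Date.now()) {
  const exp = Math.floor(nowMs / 1000) + expirationMinutes * 60;
  const header = b64u(JSON.stringify({ alg: 'RS256', exp }));
  const signingInput = `${header}.${b64u(body)}`;
  // For RSA keys, crypto.sign with 'sha256' is RSASSA-PKCS1-v1_5, i.e. RS256.
  const sig = crypto.sign('sha256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64u(sig)}`;
}

// Hypothetical helper: returns the payload or throws.
function verifyWithExpiry(jws, publicKey, nowMs = Date.now()) {
  const parts = jws.split('.');
  if (parts.length !== 3) throw new Error('malformed JWS');
  const [header, payload, sig] = parts;
  const { alg, exp } = JSON.parse(Buffer.from(header, 'base64url').toString());
  // Pin the configured algorithm instead of trusting whatever the header claims.
  if (alg !== 'RS256') throw new Error('unexpected algorithm');
  const ok = crypto.verify('sha256', Buffer.from(`${header}.${payload}`),
    publicKey, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('signature verification failed');
  // Read exp only after the signature is known good; a missing exp is rejected.
  if (typeof exp !== 'number' || Math.floor(nowMs / 1000) > exp) {
    throw new Error('JWS signature has expired');
  }
  return Buffer.from(payload, 'base64url').toString();
}
```

Passing nowMs explicitly lets the expiry and wrong-key failure cases listed under decrypt() be reproduced without waiting five minutes.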
