Skip to content

HTTP Encrypted Content-Encoding (RFC 8188) for Deno and web browsers

License

Notifications You must be signed in to change notification settings

negrel/http-ece

Repository files navigation

http-ece - HTTP Encrypted Content-Encoding for Deno & web browsers

jsr badge license MIT badge code size badge

This library is an implementation of HTTP Encrypted Content-Encoding scheme(RFC 8188).

NOTE: This library hasn't been reviewed by crypto experts and may be unsecure. I've done my best to follow RFC recommandation and I only used primitives provided by the SubtleCrypto API.

http-ece is available on JSR.

Implemented schemes

This crate implements only the published Web Push Encryption scheme (aes128gcm), and not the legacy scheme from earlier drafts.

It does not support, and we have no plans to ever support, the obsolete aesgmc and aesgcm128 schemes from earlier drafts.

Usage

import * as ece from "jsr:@negrel/http-ece";

const input = new TextEncoder().encode("I am the walrus");
const secret = new TextEncoder().encode("my_secret");
const encrypted = await ece.encrypt(input, secret);

const decrypted = await ece.decrypt(encrypted, secret);

console.log(new TextDecoder().decode(decrypted));
// output: I am the walrus

Features

  • aes128gcm encryption and decryption
  • custom padding strategy supported
  • Web browser compatible (based on SubtleCrypto)

TODO

Contributing

If you want to contribute to http_ece to add a feature or improve the code contact me at negrel.dev@protonmail.com, open an issue or make a pull request.

🌠 Show your support

Please give a ⭐ if this project helped you!

buy me a coffee

📜 License

MIT © Alexandre Negrel