This library is an implementation of HTTP Encrypted Content-Encoding scheme(RFC 8188).
NOTE: This library hasn't been reviewed by crypto experts and may be unsecure. I've done my best to follow RFC recommandation and I only used primitives provided by the SubtleCrypto API.
http-ece
is available on JSR.
This crate implements only the published Web Push Encryption scheme
(aes128gcm
), and not the legacy scheme from earlier drafts.
It does not support, and we have no plans to ever support, the obsolete aesgmc
and aesgcm128
schemes from earlier drafts.
import * as ece from "jsr:@negrel/http-ece";
const input = new TextEncoder().encode("I am the walrus");
const secret = new TextEncoder().encode("my_secret");
const encrypted = await ece.encrypt(input, secret);
const decrypted = await ece.decrypt(encrypted, secret);
console.log(new TextDecoder().decode(decrypted));
// output: I am the walrus
aes128gcm
encryption and decryption- custom padding strategy supported
- Web browser compatible (based on SubtleCrypto)
- Support Streams API
If you want to contribute to http_ece
to add a feature or improve the code
contact me at negrel.dev@protonmail.com,
open an issue or make a
pull request.
Please give a ⭐ if this project helped you!
MIT © Alexandre Negrel