Class Keychain

Constructors

constructor

Properties

authTokenPromise key mainKeyPromise metaKeyPromise salt

Accessors

keyB64 saltB64

Methods

authHeader authToken authTokenB64 decryptBytes decryptMeta decryptStream decryptStreamRange encryptBytes encryptMeta encryptStream generateKey setAuthToken AuthHeader Header

Constructors

constructor

  • new Keychain(key?: string | Uint8Array, salt?: string | Uint8Array): Keychain

  • Parameters

    • Optionalkey: string | Uint8Array
    • Optionalsalt: string | Uint8Array

    Returns Keychain

Properties

authTokenPromise

authTokenPromise: Promise<Uint8Array>

key

key: Uint8Array

mainKeyPromise

mainKeyPromise: Promise<CryptoKey>

metaKeyPromise

metaKeyPromise: Promise<CryptoKey>

salt

salt: Uint8Array

Accessors

keyB64

  • get keyB64(): string

  • Get the main key as a base64url encoded string

    Returns string

saltB64

  • get saltB64(): string

  • Get the salt as base64 string

    Returns string

Methods

authHeader

  • authHeader(tokenString?: string): Promise<string>

  • Get a header string: Bearer sync-v1 ${authTokenB64}. Pass in a token, or else this will use the authToken derived from the main key.

    Parameters

    • OptionaltokenString: string

    Returns Promise<string>

authToken

  • authToken(): Promise<Uint8Array>

  • get a promise for the auth token.

    Returns Promise<Uint8Array>

authTokenB64

  • authTokenB64(): Promise<string>

  • Get the auth token as a base64 string

    Returns Promise<string>

decryptBytes

  • decryptBytes(bytes: Uint8Array): Promise<ArrayBuffer>

  • Decrypt in memory, not streaming.

    Parameters

    • bytes: Uint8Array

    Returns Promise<ArrayBuffer>

decryptMeta

  • decryptMeta(ivEncryptedMeta: Uint8Array): Promise<Uint8Array>

  • Parameters

    • ivEncryptedMeta: Uint8Array

    Returns Promise<Uint8Array>

decryptStream

  • decryptStream(
        encryptedStream: ReadableStream<Uint8Array>,
    ): Promise<ReadableStream<Uint8Array>>

  • Take an encrypted stream, return a decrypted stream.

    Parameters

    • encryptedStream: ReadableStream<Uint8Array>

      The input (encrypted) stream

    Returns Promise<ReadableStream<Uint8Array>>

    The decrypted stream

decryptStreamRange

  • decryptStreamRange(
        offset: number,
        length: number,
        totalEncryptedLength: number,
    ): Promise<
        {
            decrypt: (streams: ReadableStream[]) => ReadableStream;
            ranges: { length: number; offset: number }[];
        },
    >

  • Returns an object containing ranges, an array of objects containing offset and length integers specifying the encrypted byte ranges that are needed to decrypt the client's specified range, and a decrypt function.

    Parameters

    • offset: number

      Integer

    • length: number

      Integer

    • totalEncryptedLength: number

      Integer

    Returns Promise<
        {
            decrypt: (streams: ReadableStream[]) => ReadableStream;
            ranges: { length: number; offset: number }[];
        },
    >

encryptBytes

  • encryptBytes(
        bytes: ArrayBuffer | Uint8Array,
        opts?: { iv?: Uint8Array; size?: number },
    ): Promise<Uint8Array>

  • Encrypt and return some data; don't stream.

    NOTE: This generates a new key each time it is called, via this.generateKey.

    Parameters

    • bytes: ArrayBuffer | Uint8Array
    • Optionalopts: { iv?: Uint8Array; size?: number }

      Optional params, iv and size. If size is omitted, default is 16 bytes. iv is a random 12 bits, will be generated if not passed in.

    Returns Promise<Uint8Array>

encryptMeta

  • encryptMeta(meta: Uint8Array): Promise<Uint8Array>

  • Parameters

    • meta: Uint8Array

    Returns Promise<Uint8Array>

encryptStream

  • encryptStream(
        stream: ReadableStream<Uint8Array>,
    ): Promise<ReadableStream<Uint8Array>>

  • Take a stream, return an encrypted stream.

    Parameters

    • stream: ReadableStream<Uint8Array>

      Input stream

    Returns Promise<ReadableStream<Uint8Array>>

generateKey

  • generateKey(keyLength?: number): Promise<CryptoKey>

  • Derive a new AES-GCM key from the main key.

    Parameters

    • OptionalkeyLength: number

      Optional size for the key, in bytes, eg, 16 or 32.

    Returns Promise<CryptoKey>

setAuthToken

  • setAuthToken(authToken?: string | Uint8Array): void

  • Set the auth token

    Parameters

    • OptionalauthToken: string | Uint8Array

      The new token

    Returns void

StaticAuthHeader

  • AuthHeader(secretKey: string, salt: string | Uint8Array): Promise<string>

  • Get an authentication header as a static method.

    Parameters

    • secretKey: string
    • salt: string | Uint8Array

    Returns Promise<string>

StaticHeader

  • Header(writeToken: string): string

  • Parameters

    • writeToken: string

    Returns string

Settings

Member Visibility

On This Page

Constructors
Properties
Accessors
Methods