http_ece - HTTP Encrypted Content-Encoding for Deno & web browsers

This library is an implementation of HTTP Encrypted Content-Encoding scheme(RFC 8188).

NOTE: This library hasn’t been reviewed by crypto experts and may be unsecure. I’ve done my best to follow RFC recommandation and I only used primitives provided by the SubtleCrypto API.

Implemented schemes

This crate implements only the published Web Push Encryption scheme (aes128gcm), and not the legacy scheme from earlier drafts.

It does not support, and we have no plans to ever support, the obsoletes aesgmc and aesgcm128 schemes from earlier drafts.

Usage

import * as ece from "https://deno.land/x/http_ece@0.4.0/mod.ts";

const input = new TextEncoder().encode("I am the walrus");
const secret = new TextEncoder().encode("my_secret");
const encrypted = await ece.encrypt(input, secret);

const decrypted = await ece.decrypt(encrypted, secret);

console.log(new TextDecoder().decode(decrypted));
// output: I am the walrus

Package is also available as @negrel/http-ece on JSR.

Features

• aes128gcm encryption and decryption
• custom padding strategy supported
• Web browser compatible (based on SubtleCrypto)

TODO

• Support Streams API

Contributing

If you want to contribute to http_ece to add a feature or improve the code contact me at negrel.dev@protonmail.com, open an issue or make a pull request.

:stars: Show your support

Please give a ⭐ if this project helped you!

📜 License

MIT © Alexandre Negrel