How to use the @tanker/crypto.tcrypto.sealEncrypt function in @tanker/crypto
To help you get started, we’ve selected a few @tanker/crypto examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
TankerHQ / sdk-js / packages / core / src / __tests__ / KeyDecryptor.spec.js View on Github 
it('can decrypt key published to group', async () => {
const keyPublish = makeKeyPublish(
NATURE.key_publish_to_user_group,
tcrypto.sealEncrypt(keys.publicKey, keys.publicKey)
);
groupManager.getGroupEncryptionKeyPair = () => keys;
const res = await decryptor.keyFromKeyPublish(keyPublish);
expect(res).to.be.a('Uint8Array');
expect(toBase64(res)).to.be.equal(keys.expect);
});export const generateUserCreation = (
trustchainId: Uint8Array,
userId: Uint8Array,
deviceEncryptionKeyPair: tcrypto.SodiumKeyPair,
deviceSignatureKeyPair: tcrypto.SodiumKeyPair,
ghostDeviceKeys: GhostDeviceKeys,
delegationToken: DelegationToken
) => {
const userKeys = tcrypto.makeEncryptionKeyPair();
const encryptedUserKey = tcrypto.sealEncrypt(
userKeys.privateKey,
ghostDeviceKeys.encryptionKeyPair.publicKey,
);
const ghostDevicePayload = serializeUserDeviceV3({
ephemeral_public_signature_key: delegationToken.ephemeral_public_signature_key,
user_id: userId,
delegation_signature: delegationToken.delegation_signature,
public_signature_key: ghostDeviceKeys.signatureKeyPair.publicKey,
public_encryption_key: ghostDeviceKeys.encryptionKeyPair.publicKey,
last_reset: new Uint8Array(tcrypto.HASH_SIZE),
user_key_pair: {
public_encryption_key: userKeys.publicKey,
encrypted_private_encryption_key: encryptedUserKey,
},
is_ghost_device: true,const keysForUsers = users.map(u => {
const userPublicKey = getLastUserPublicKey(u);
if (!userPublicKey)
throw new InternalError('createUserGroup: user does not have user keys');
return {
user_id: u.userId,
public_user_encryption_key: userPublicKey,
encrypted_group_private_encryption_key: tcrypto.sealEncrypt(encryptionKeyPair.privateKey, userPublicKey),
};
});createUserGroup(signatureKeyPair: tcrypto.SodiumKeyPair, encryptionKeyPair: tcrypto.SodiumKeyPair, users: Array, provisionalUsers: Array) {
const encryptedPrivateSignatureKey = tcrypto.sealEncrypt(signatureKeyPair.privateKey, encryptionKeyPair.publicKey);
const keysForUsers = users.map(u => {
const userPublicKey = getLastUserPublicKey(u);
if (!userPublicKey)
throw new InternalError('createUserGroup: user does not have user keys');
return {
user_id: u.userId,
public_user_encryption_key: userPublicKey,
encrypted_group_private_encryption_key: tcrypto.sealEncrypt(encryptionKeyPair.privateKey, userPublicKey),
};
});
const keysForProvisionalUsers = provisionalUsers.map(u => {
const preEncryptedKey = tcrypto.sealEncrypt(
encryptionKeyPair.privateKey,
u.appEncryptionPublicKey,const rotateUserKeys = (devices: Array, currentUserKey: tcrypto.SodiumKeyPair): UserKeys => {
const newUserKeyPair = tcrypto.makeEncryptionKeyPair();
const encryptedPreviousUserKey = tcrypto.sealEncrypt(
currentUserKey.privateKey,
newUserKeyPair.publicKey,
);
const encryptedUserKeyForDevices = devices.map(device => {
const encryptedUserKey = tcrypto.sealEncrypt(
newUserKeyPair.privateKey,
device.devicePublicEncryptionKey,
);
return {
recipient: device.deviceId,
key: encryptedUserKey,
};
});
return {makeKeyPublishToProvisionalUserBlock(publicProvisionalUser: PublicProvisionalUser, resourceKey: Uint8Array, resourceId: Uint8Array) {
const preEncryptedKey = tcrypto.sealEncrypt(
resourceKey,
publicProvisionalUser.appEncryptionPublicKey,
);
const encryptedKey = tcrypto.sealEncrypt(
preEncryptedKey,
publicProvisionalUser.tankerEncryptionPublicKey,
);
const payload = {
recipientAppPublicKey: publicProvisionalUser.appSignaturePublicKey,
recipientTankerPublicKey: publicProvisionalUser.tankerSignaturePublicKey,
resourceId,
key: encryptedKey,
};
return createBlock(export const makeUserGroupCreation = (signatureKeyPair: tcrypto.SodiumKeyPair, encryptionKeyPair: tcrypto.SodiumKeyPair, users: Array, provisionalUsers: Array) => {
const encryptedPrivateSignatureKey = tcrypto.sealEncrypt(signatureKeyPair.privateKey, encryptionKeyPair.publicKey);
const keysForUsers = users.map(u => {
const userPublicKey = getLastUserPublicKey(u);
if (!userPublicKey)
throw new InternalError('createUserGroup: user does not have user keys');
return {
user_id: u.userId,
public_user_encryption_key: userPublicKey,
encrypted_group_private_encryption_key: tcrypto.sealEncrypt(encryptionKeyPair.privateKey, userPublicKey),
};
});
const keysForProvisionalUsers = provisionalUsers.map(u => {
const preEncryptedKey = tcrypto.sealEncrypt(
encryptionKeyPair.privateKey,
u.appEncryptionPublicKey,export const makeProvisionalIdentityClaim = (userId: Uint8Array, deviceId: Uint8Array, userPublicKey: Uint8Array, provisionalUserKeys: ProvisionalUserKeys) => {
const multiSignedPayload = utils.concatArrays(
deviceId,
provisionalUserKeys.appSignatureKeyPair.publicKey,
provisionalUserKeys.tankerSignatureKeyPair.publicKey,
);
const appSignature = tcrypto.sign(multiSignedPayload, provisionalUserKeys.appSignatureKeyPair.privateKey);
const tankerSignature = tcrypto.sign(multiSignedPayload, provisionalUserKeys.tankerSignatureKeyPair.privateKey);
const keysToEncrypt = utils.concatArrays(provisionalUserKeys.appEncryptionKeyPair.privateKey, provisionalUserKeys.tankerEncryptionKeyPair.privateKey);
const encryptedprovisionalUserKeys = tcrypto.sealEncrypt(keysToEncrypt, userPublicKey);
const payload = {
user_id: userId,
app_provisional_identity_signature_public_key: provisionalUserKeys.appSignatureKeyPair.publicKey,
tanker_provisional_identity_signature_public_key: provisionalUserKeys.tankerSignatureKeyPair.publicKey,
author_signature_by_app_key: appSignature,
author_signature_by_tanker_key: tankerSignature,
recipient_user_public_key: userPublicKey,
encrypted_provisional_identity_private_keys: encryptedprovisionalUserKeys,
};
return { payload: serializeProvisionalIdentityClaim(payload), nature: preferredNature(NATURE_KIND.provisional_identity_claim) };
};const keysForProvisionalUsers = provisionalUsers.map(u => {
const preEncryptedKey = tcrypto.sealEncrypt(
encryptionKeyPair.privateKey,
u.appEncryptionPublicKey,
);
const encryptedKey = tcrypto.sealEncrypt(
preEncryptedKey,
u.tankerEncryptionPublicKey,
);
return {
app_provisional_user_public_signature_key: u.appSignaturePublicKey,
tanker_provisional_user_public_signature_key: u.tankerSignaturePublicKey,
encrypted_group_private_encryption_key: encryptedKey,
};
});const keysForProvisionalUsers = provisionalUsers.map(u => {
const preEncryptedKey = tcrypto.sealEncrypt(
encryptionKeyPair.privateKey,
u.appEncryptionPublicKey,
);
const encryptedKey = tcrypto.sealEncrypt(
preEncryptedKey,
u.tankerEncryptionPublicKey,
);
return {
app_provisional_user_public_signature_key: u.appSignaturePublicKey,
tanker_provisional_user_public_signature_key: u.tankerSignaturePublicKey,
encrypted_group_private_encryption_key: encryptedKey,
};
});@tanker/crypto
Tanker SDK (cryptographic primitives)
Package Health Score
65 / 100Popular @tanker/crypto functions
- @tanker/crypto.generichash
- @tanker/crypto.random
- @tanker/crypto.tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE
- @tanker/crypto.tcrypto.getEncryptionKeyPairFromPrivateKey
- @tanker/crypto.tcrypto.HASH_SIZE
- @tanker/crypto.tcrypto.MAC_SIZE
- @tanker/crypto.tcrypto.makeEncryptionKeyPair
- @tanker/crypto.tcrypto.makeSignKeyPair
- @tanker/crypto.tcrypto.sealDecrypt
- @tanker/crypto.tcrypto.sealEncrypt
- @tanker/crypto.tcrypto.sign
- @tanker/crypto.tcrypto.SIGNATURE_PUBLIC_KEY_SIZE
- @tanker/crypto.tcrypto.SIGNATURE_SIZE
- @tanker/crypto.tcrypto.SYMMETRIC_KEY_SIZE
- @tanker/crypto.tcrypto.verifySignature
- @tanker/crypto.utils.concatArrays
- @tanker/crypto.utils.equalArray
- @tanker/crypto.utils.fromBase64
- @tanker/crypto.utils.fromString
- @tanker/crypto.utils.toBase64