A comprehensive TypeScript library for asymmetric cryptography operations using the Web Crypto API. This library provides easy-to-use functions for RSA key generation, encryption, and decryption that work universally across all modern JavaScript runtimes.
✅ Node.js 16+ (with Web Crypto API)
✅ Browsers (Chrome, Firefox, Safari, Edge)
✅ Cloudflare Workers
✅ Deno
✅ Bun
✅ Web Workers & Service Workers
- 🔐 RSA Key Pair Generation: Create public and private key pairs (CryptoKey & PEM formats)
- 🔒 Public Key Encryption: Encrypt data using public keys (RSA-OAEP)
- 🔓 Private Key Decryption: Decrypt data using private keys
- 📦 TypeScript Support: Full TypeScript support with type definitions
- 🚀 Multiple Formats: CommonJS and ES Module support
- 🛡️ Secure: Uses Web Crypto API with industry-standard algorithms
- ⚡ Async/Promise-based: Modern async API for better performance
npm install asymmetric-cryptography-data-exchange-utilsimport {
createKeys,
encryptWithPubKey,
decryptWithPrivateKey,
} from "asymmetric-cryptography-data-exchange-utils";
// 1. Generate a key pair (CryptoKey format)
const keyPair = await createKeys(2048);
// 2. Encrypt with public key, decrypt with private key
const message = "Hello, World!";
const encrypted = await encryptWithPubKey(message, keyPair.publicKey);
const decrypted = await decryptWithPrivateKey(encrypted, keyPair.privateKey);
console.log(decrypted); // "Hello, World!"import {
createKeysPEM,
encryptWithPubKeyPEM,
decryptWithPrivateKeyPEM,
} from "asymmetric-cryptography-data-exchange-utils";
// 1. Generate a key pair (PEM format)
const keyPair = await createKeysPEM(2048);
// 2. Encrypt with public key PEM, decrypt with private key PEM
const message = "Hello, World!";
const encrypted = await encryptWithPubKeyPEM(message, keyPair.publicKey);
const decrypted = await decryptWithPrivateKeyPEM(encrypted, keyPair.privateKey);
console.log(decrypted); // "Hello, World!"Creates a new RSA key pair using Web Crypto API.
Parameters:
keySize(optional): The size of the key in bits. Default: 2048
Returns:
Promise<KeyPair>: Object containingpublicKeyandprivateKeyas CryptoKey objects
Example:
const keyPair = await createKeys(2048);
console.log(keyPair.publicKey.type); // "public"
console.log(keyPair.publicKey.algorithm); // { name: "RSA-OAEP", ... }Encrypts data using a public CryptoKey (RSA-OAEP padding).
Parameters:
data: The string or ArrayBuffer data to encryptpublicKey: The public CryptoKey
Returns:
Promise<EncryptedData>: Object with encrypted ArrayBuffer data
Example:
const encrypted = await encryptWithPubKey("secret message", keyPair.publicKey);
console.log(encrypted.data); // ArrayBufferDecrypts data using a private CryptoKey.
Parameters:
encryptedData: The encrypted data objectprivateKey: The private CryptoKey
Returns:
Promise<string>: The decrypted message
Creates a new RSA key pair and exports them as PEM strings.
Returns:
Promise<KeyPairPEM>: Object containingpublicKeyandprivateKeyas PEM strings
encryptWithPubKeyPEM(data: string, publicKeyPEM: string): Promise<{data: string, encoding: 'base64'}>
Encrypts data using a public key PEM string.
decryptWithPrivateKeyPEM(encryptedData: {data: string, encoding: 'base64'}, privateKeyPEM: string): Promise<string>
Decrypts data using a private key PEM string.
interface KeyPair {
publicKey: CryptoKey;
privateKey: CryptoKey;
}
interface KeyPairPEM {
publicKey: string;
privateKey: string;
}
interface EncryptedData {
data: ArrayBuffer;
}import { createKeys } from "asymmetric-cryptography-data-exchange-utils";
// Works with Node.js 16+ Web Crypto API
const keyPair = await createKeys();<script type="module">
import { createKeys } from "https://esm.sh/asymmetric-cryptography-data-exchange-utils";
const keyPair = await createKeys();
console.log("Crypto in browser!", keyPair);
</script>// worker.js
import {
createKeys,
encryptWithPubKey,
} from "asymmetric-cryptography-data-exchange-utils";
export default {
async fetch(request, env, ctx) {
const keyPair = await createKeys();
const encrypted = await encryptWithPubKey(
"Hello from CF Workers!",
keyPair.publicKey
);
return new Response(
JSON.stringify({
success: true,
keyType: keyPair.publicKey.type,
})
);
},
};import { createKeys } from "npm:asymmetric-cryptography-data-exchange-utils";
const keyPair = await createKeys();
console.log("Crypto in Deno!", keyPair.publicKey.type);// Alice creates a key pair
const aliceKeys = await createKeys();
// Bob encrypts a message for Alice using her public key
const message = "Secret information for Alice";
const encrypted = await encryptWithPubKey(message, aliceKeys.publicKey);
// Alice decrypts the message using her private key
const decrypted = await decryptWithPrivateKey(encrypted, aliceKeys.privateKey);// Server (Node.js) generates keys
const serverKeys = await createKeysPEM();
// Send public key to client (browser/worker)
// Client encrypts data
const clientData = await encryptWithPubKeyPEM(
"sensitive data",
serverKeys.publicKey
);
// Server decrypts
const serverDecrypted = await decryptWithPrivateKeyPEM(
clientData,
serverKeys.privateKey
);# Run all tests
npm test
# Run tests in watch mode
npm run test:watch
# Run tests with coverage
npm run test:coverageThe library includes comprehensive Jest tests with high code coverage, testing all cryptographic operations, error handling, and edge cases across different API formats.
# Run the basic usage example
npm run example- Key Size: Use at least 2048 bits for production use (4096 bits recommended for high security)
- Algorithm: Uses RSA-OAEP with SHA-256 for encryption
- Key Storage: Store private keys securely and never expose them in client-side code
- Message Size: RSA encryption has size limits based on key size and padding (~190 bytes for 2048-bit keys)
- Performance: Key generation is computationally expensive; consider caching keys when appropriate
| Platform | Web Crypto API | CryptoKey Support | PEM Support | Status |
|---|---|---|---|---|
| Node.js 16+ | ✅ | ✅ | ✅ | Full Support |
| Chrome/Edge | ✅ | ✅ | ✅ | Full Support |
| Firefox | ✅ | ✅ | ✅ | Full Support |
| Safari | ✅ | ✅ | ✅ | Full Support |
| Cloudflare Workers | ✅ | ✅ | ✅ | Full Support |
| Deno | ✅ | ✅ | ✅ | Full Support |
| Bun | ✅ | ✅ | ✅ | Full Support |
| Web Workers | ✅ | ✅ | ✅ | Full Support |
If you're migrating from the Node.js crypto module:
import { generateKeyPairSync, publicEncrypt, privateDecrypt } from "crypto";
const { publicKey, privateKey } = generateKeyPairSync("rsa", {
modulusLength: 2048,
publicKeyEncoding: { type: "spki", format: "pem" },
privateKeyEncoding: { type: "pkcs8", format: "pem" },
});
const encrypted = publicEncrypt(publicKey, Buffer.from(message));
const decrypted = privateDecrypt(privateKey, encrypted).toString();import {
createKeysPEM,
encryptWithPubKeyPEM,
decryptWithPrivateKeyPEM,
} from "asymmetric-cryptography-data-exchange-utils";
const { publicKey, privateKey } = await createKeysPEM(2048);
const encrypted = await encryptWithPubKeyPEM(message, publicKey);
const decrypted = await decryptWithPrivateKeyPEM(encrypted, privateKey);- Node.js >= 16.0.0 (for Web Crypto API support)
- Modern browsers with Web Crypto API support
- TypeScript (for development)
npm run build- Build the library for productionnpm run dev- Build in watch mode for developmentnpm test- Run Jest testsnpm run test:watch- Run tests in watch modenpm run test:coverage- Run tests with coverage reportnpm run example- Run the usage example
MIT
Contributions are welcome! Please feel free to submit a Pull Request.