### Complete Client-Server Encryption Workflow Source: https://context7.com/altcha-org/altcha-crypto/llms.txt This example shows a full client-server encryption cycle. The client generates RSA keys, shares the public key, and the server encrypts data using it. The client then decrypts the data using its private key. Ensure private keys are stored securely on the client. ```typescript import { cipher, rsa } from '@altcha/crypto'; import { base64Encode, base64Decode } from '@altcha/crypto/encoding'; // CLIENT: Generate keys and share public key const keyPair = await rsa.generateKeyPair(); const privateKeyPem = await rsa.exportPrivateKeyPem(keyPair.privateKey); const publicKeyPem = await rsa.exportPublicKeyPem(keyPair.publicKey); // Store private key securely on client // Send publicKeyPem to server // SERVER: Encrypt sensitive data with client's public key const serverPublicKey = await rsa.importPublicKeyPem(publicKeyPem); const sensitiveData = new TextEncoder().encode(JSON.stringify({ userId: 12345, apiKey: 'secret-api-key-abc123', timestamp: Date.now() })); const encryptedData = await cipher.encrypt(serverPublicKey, sensitiveData); const encryptedBase64 = base64Encode(encryptedData); // Send encryptedBase64 to client // CLIENT: Decrypt received data const clientPrivateKey = await rsa.importPrivateKeyPem(privateKeyPem); const receivedEncrypted = base64Decode(encryptedBase64); const decryptedData = await cipher.decrypt(clientPrivateKey, receivedEncrypted); const payload = JSON.parse(new TextDecoder().decode(decryptedData)); console.log(payload); // Output: { userId: 12345, apiKey: 'secret-api-key-abc123', timestamp: 1234567890 } ``` -------------------------------- ### Import RSA Keys from PEM and Raw Bytes Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Imports RSA keys from PEM-formatted strings or raw Uint8Array buffers for use in encryption and decryption operations. ```typescript import { rsa, cipher } from '@altcha/crypto'; // Sample PEM keys (in practice, load from file or environment) const publicKeyPem = `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA... -----END PUBLIC KEY-----`; const privateKeyPem = `-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBK... -----END PRIVATE KEY-----`; // Import PEM-formatted public key for encryption const publicKey = await rsa.importPublicKeyPem(publicKeyPem); // Import PEM-formatted private key for decryption const privateKey = await rsa.importPrivateKeyPem(privateKeyPem); // Use imported keys with cipher const data = new TextEncoder().encode('Encrypted with imported keys'); const encrypted = await cipher.encrypt(publicKey, data); const decrypted = await cipher.decrypt(privateKey, encrypted); // Import from raw bytes (Uint8Array) const publicKeyBytes = new Uint8Array([/* SPKI bytes */]); const privateKeyBytes = new Uint8Array([/* PKCS#8 bytes */]); const pubKey = await rsa.importPublicKey(publicKeyBytes); const privKey = await rsa.importPrivateKey(privateKeyBytes); ``` -------------------------------- ### Export RSA Keys to PEM Format Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Exports RSA public and private keys to PEM format (SPKI for public, PKCS#8 for private). Also supports exporting keys as raw Uint8Array and deriving the public key from the private key. ```typescript import { rsa } from '@altcha/crypto'; const keyPair = await rsa.generateKeyPair(); // Export public key to PEM format const publicKeyPem = await rsa.exportPublicKeyPem(keyPair.publicKey); console.log(publicKeyPem); // Output: // -----BEGIN PUBLIC KEY----- // MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA... // -----END PUBLIC KEY----- // Export private key to PEM format const privateKeyPem = await rsa.exportPrivateKeyPem(keyPair.privateKey); console.log(privateKeyPem); // Output: // -----BEGIN PRIVATE KEY----- // MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBK... // -----END PRIVATE KEY----- // Export keys as raw Uint8Array (SPKI for public, PKCS#8 for private) const publicKeyBytes = await rsa.exportPublicKey(keyPair.publicKey); const privateKeyBytes = await rsa.exportPrivateKey(keyPair.privateKey); // Extract public key from private key const derivedPublicKeyBytes = await rsa.exportPublicKeyFromPrivateKey(keyPair.privateKey); ``` -------------------------------- ### Encrypt and Decrypt Data with ALTCHA Source: https://github.com/altcha-org/altcha-crypto/blob/main/deno_dist/README.md Uses RSA key pairs to perform hybrid encryption and decryption of data buffers. ```ts import { cipher, rsa } from '@altcha/crypto'; const keyPair = await rsa.generateKeyPair(); const encrypted = await cipher.encrypt(keyPair.publicKey, new TextEncoder().encode('Hello World')); const decrypted = await cipher.decrypt(keyPair.privateKey, encrypted); ``` -------------------------------- ### Generate RSA Key Pair with Altcha Crypto Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Generates RSA-OAEP key pairs with a 2048-bit modulus and SHA-256 hashing. The generated keys can be used directly or exported. ```typescript import { rsa } from '@altcha/crypto'; // Generate a new RSA key pair const keyPair = await rsa.generateKeyPair(); // keyPair.publicKey - CryptoKey for encryption // keyPair.privateKey - CryptoKey for decryption // Encrypt small data directly with RSA (max ~190 bytes for 2048-bit key) const smallData = new TextEncoder().encode('Short secret'); const rsaEncrypted = await rsa.encrypt(keyPair.publicKey, smallData); const rsaDecrypted = await rsa.decrypt(keyPair.privateKey, rsaEncrypted); console.log(new TextDecoder().decode(rsaDecrypted)); // Output: Short secret ``` -------------------------------- ### Hybrid Encryption and Decryption with Altcha Crypto Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Encrypts data using AES with a randomly generated key, then encrypts the AES key with an RSA public key. Decrypts using the RSA private key. Supports custom AES key and IV lengths. ```typescript import { cipher, rsa } from '@altcha/crypto'; // Generate RSA key pair const keyPair = await rsa.generateKeyPair(); // Encrypt data using the public key const plaintext = new TextEncoder().encode('Hello World - this is sensitive data'); const encrypted = await cipher.encrypt(keyPair.publicKey, plaintext); // Decrypt data using the private key const decrypted = await cipher.decrypt(keyPair.privateKey, encrypted); console.log(new TextDecoder().decode(decrypted)); // Output: Hello World - this is sensitive data // Custom encryption options const encryptedCustom = await cipher.encrypt(keyPair.publicKey, plaintext, { aesKeyLength: 256, // AES key length in bits (default: 256) aesIVLength: 16 // IV length in bytes (default: 16) }); ``` -------------------------------- ### Encrypt Files with Node.js Streams Source: https://github.com/altcha-org/altcha-crypto/blob/main/deno_dist/README.md Facilitates the encryption of large files by streaming data directly from a read stream to a write stream. ```ts import { createReadStream, createWriteStream } from 'node:fs'; import { nodeCipher, rsa } from '@altcha/crypto'; const keyPair = await rsa.generateKeyPair(); await nodeCipher.encryptStream(keyPair.publicKey, createReadStream('./input.txt'), createWriteStream('./output.txt.enc')); ``` -------------------------------- ### Perform AES-GCM Symmetric Encryption Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Generates keys and performs symmetric encryption/decryption using the AES-GCM algorithm. ```typescript import { aes } from '@altcha/crypto'; // Generate a 256-bit AES key const key = await aes.generateKey(256); // Encrypt data const plaintext = new TextEncoder().encode('Secret message'); const { encrypted, iv } = await aes.encrypt(key, plaintext, 16); // Decrypt data (requires same key and IV) const decrypted = await aes.decrypt(key, encrypted, iv); console.log(new TextDecoder().decode(decrypted)); // Output: Secret message // Export key for storage const keyBytes = await aes.exportKey(key); // Import key from bytes const importedKey = await aes.importKey(keyBytes); const decryptedAgain = await aes.decrypt(importedKey, encrypted, iv); ``` -------------------------------- ### Encode and Decode Binary Data with Base64 Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Converts encrypted binary data to Base64 strings for storage or transmission, including support for URL-safe variants. ```typescript import { cipher, rsa, helpers } from '@altcha/crypto'; import { base64Encode, base64Decode } from '@altcha/crypto/encoding'; const keyPair = await rsa.generateKeyPair(); const data = new TextEncoder().encode('Encode me'); const encrypted = await cipher.encrypt(keyPair.publicKey, data); // Standard Base64 encoding const base64String = base64Encode(encrypted); console.log(base64String); // Output: AQAB/xAA...base64 encoded data... // Decode back to Uint8Array const decoded = base64Decode(base64String); const decrypted = await cipher.decrypt(keyPair.privateKey, decoded); // URL-safe Base64 (no +, /, or = characters) const urlSafeBase64 = base64Encode(encrypted, true); const decodedUrlSafe = base64Decode(urlSafeBase64, true); ``` -------------------------------- ### Encrypt and Decrypt Large Files with Streams Source: https://context7.com/altcha-org/altcha-crypto/llms.txt Processes large files using Node.js Readable and Writable streams to avoid loading entire files into memory. ```typescript import { createReadStream, createWriteStream } from 'node:fs'; import { rsa } from '@altcha/crypto'; import { encryptStream, decryptStream } from '@altcha/crypto/node-cipher'; const keyPair = await rsa.generateKeyPair(); // Encrypt a large file await encryptStream( keyPair.publicKey, createReadStream('./large-file.txt'), createWriteStream('./large-file.txt.enc') ); // Decrypt the encrypted file await decryptStream( keyPair.privateKey, createReadStream('./large-file.txt.enc'), createWriteStream('./large-file.decrypted.txt') ); // Works with any Readable/Writable streams import { Readable, Writable } from 'node:stream'; const inputData = Buffer.from('Stream data to encrypt'); const chunks: Buffer[] = []; await encryptStream( keyPair.publicKey, Readable.from([inputData]), new Writable({ write(chunk, encoding, callback) { chunks.push(chunk); callback(); } }) ); ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.