virgilsecurity / virgil-crypto-javascript Goto Github PK

Virgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.

Home Page: https://developer.virgilsecurity.com/docs/how-to#cryptography

License: BSD 3-Clause "New" or "Revised" License

JavaScript 15.38% TypeScript 84.35% HTML 0.26%

cryptography encryption crypto gdpr hipaa end-to-end-encryption e2ee

virgil-crypto-javascript's Introduction

This README is for virgil-crypto v4. Check the v3 branch for virgil-crypto v3 docs.

Virgil Security JavaScript Crypto Library

Introduction | Library purposes | Getting started | Docs | License | Contacts

Introduction

VirgilCrypto is a stack of security libraries (ECIES with Crypto Agility wrapped in Virgil Cryptogram) and an open-source high-level cryptographic library that allows you to perform all necessary operations for securely storing and transferring data in your digital solutions. Crypto Library is written in C++ and is suitable for mobile and server platforms.

Virgil Security, Inc., guides software developers into the forthcoming security world in which everything will be encrypted (and passwords will be eliminated). In this world, the days of developers having to raise millions of dollars to build a secure chat, secure email, secure file-sharing, or a secure anything have come to an end. Now developers can instead focus on building features that give them a competitive market advantage while end-users can enjoy the privacy and security they increasingly demand.

Library purposes

Asymmetric Key Generation
Encryption/Decryption of data
Generation/Verification of digital signatures

Getting started

First, you need to install the package from npm:

npm install virgil-crypto

If you are not using npm, follow our UMD guide to get started.

Second, you need to decide which approach to use in your application. We provide 2 options here:

WebAssembly. This is our recommended approach. List of supported browsers.
asm.js. Use it only in case you need to support old web browsers.

Third, you will need to setup you development environment (skip this step if you are using Node.js):

Not found your environment? Create an issue on GitHub and we will try our best to help you. Make sure to describe your environment as much as possible.

Last, you need to get familiar with usage examples of the library.

Docs

License

This library is released under the 3-clause BSD License.

Support

Our developer support team is here to help you.

You can find us on Twitter or send us email [email protected].

Also, get extra help from our support team on Slack.

virgil-crypto-javascript's People

Contributors

Stargazers

Watchers

Forkers

letalumil hyochan vijaykahar-vk

virgil-crypto-javascript's Issues

Document is not defined

Node Version: 11.8.0
Platform : React-native 0.57
Virgil-crypto: 2.2.0

"document is not defined" exception when Virgil-crypto object want to create.

[React Native] No dynCall invoker for signature

I am attempting to use e3kit in a React Native app—please let me know if I should re-open an issue in that repo—and getting the following crash just importing e3kit.

I also get this error if I just import virgil-crypto. I am trying to narrow it down and get reproducible steps, but our app is a large app with many dependencies. Everything works fine on a vanilla React Native app started with react-native init. I will post if I get more info, but hoping someone has a few quick ideas.

OS: Mac OS Mojave
react-native: 0.59.9
@virgilsecurity/e3kit: 0.5.0
@virgilsecurity/key-storage-rn: 0.1.3

React native javascript bundle build error

Currently, I am facing below problem in circleci. Can I get any help?

#!/bin/bash -eo pipefail 
yarn build:android 
 
yarn run v1.12.3
 
$ ENVFILE=.env.prod react-native bundle --entry-file index.js --platform android --dev false --bundle-output android/main.jsbundle --assets-dest ./android
 
                 Welcome to React Native!
 
                Learn once, write anywhere
 

 

 
error node_modules/@virgilsecurity/e3kit-native/dist/e3kit-native.cjs.js: Call retries were exceeded. Run CLI with --verbose flag for more details.
 
Error: Call retries were exceeded
 
    at ChildProcessWorker.initialize (/home/circleci/dooboo/node_modules/jest-worker/build/workers/ChildProcessWorker.js:193:21)
 
    at ChildProcessWorker.onExit (/home/circleci/dooboo/node_modules/jest-worker/build/workers/ChildProcessWorker.js:263:12)
 
    at ChildProcess.emit (events.js:182:13)
 
error Command failed with exit code 1.
 
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
 
 
Exited with code exit status 1 
CircleCI received exit code 1

initCrypto() causes Nest.JS app crash and exit the container with a huge error in the container logs

I have a nestjs application running on node:18.18.0.
In a function I call await initCrypto(); wrapped in a try catch statement like below:

     console.log("first log")
     try {
           await initCrypto();
     } catch (error) {
           console.log("error", error)
     }
    console.log("second log")
    const virgilCrypto = new VirgilCrypto();
    const accessTokenSigner = new VirgilAccessTokenSigner(virgilCrypto);

    const jwtGenerator = new JwtGenerator({
      appId: MPStreamIOMessageHandler.__virgilConfig.appId,
      apiKeyId: MPStreamIOMessageHandler.__virgilConfig.apiKeyId,
      apiKey: virgilCrypto.importPrivateKey(MPStreamIOMessageHandler.__virgilConfig.apiKey),
      accessTokenSigner,
      millisecondsToLive: 24 * 60 * 60 * 1000, // 1 day alive
    });
    const virgilJwtToken = jwtGenerator.generateToken(id);

unfortunately the error could not be catch in the trycatch statement and it causes the nestjs app crash and make docker container exit and restart which is bad :(
the "first log" will be printed and then a huge error log pops in the logs and make the container exit and restart.
and this is the log:

first log
TypeError: Failed to parse URL from /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/libfoundation.wasm
    at Object.fetch (node:internal/deps/undici/undici:11576:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  [cause]: TypeError [ERR_INVALID_URL]: Invalid URL
      at new NodeError (node:internal/errors:405:5)
      at new URL (node:internal/url:637:13)
      at new Request (node:internal/deps/undici/undici:7132:25)
      at fetch2 (node:internal/deps/undici/undici:10715:25)
      at Object.fetch (node:internal/deps/undici/undici:11574:18)
      at fetch (node:internal/process/pre_execution:242:25)
      at /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20314
      at /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20531
      at new <anonymous> (/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20537)
      at Dt (/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:381753) {
    input: '/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/libfoundation.wasm',
    code: 'ERR_INVALID_URL'
  }
}
TypeError: Failed to parse URL from /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/libfoundation.wasm
    at Object.fetch (node:internal/deps/undici/undici:11576:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  [cause]: TypeError [ERR_INVALID_URL]: Invalid URL
      at new NodeError (node:internal/errors:405:5)
      at new URL (node:internal/url:637:13)
      at new Request (node:internal/deps/undici/undici:7132:25)
      at fetch2 (node:internal/deps/undici/undici:10715:25)
      at Object.fetch (node:internal/deps/undici/undici:11574:18)
      at fetch (node:internal/process/pre_execution:242:25)
      at /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20314
      at /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20531
      at new <anonymous> (/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:20537)
      at Dt (/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:381753) {
    input: '/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/libfoundation.wasm',
    code: 'ERR_INVALID_URL'
  }
}
/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1
"use strict";var t=function(t,e){return t(e={exports:{}},e.exports),e.exports}((function(t,e){var r=function(){"undefined"!=typeof document&&document.currentScript&&document.currentScript.src;return function(t){var e;t=t||{},e||(e=void 0!==t?t:{});var r,n={};for(r in e)e.hasOwnProperty(r)&&(n[r]=e[r]);var _,s,c,a,i;_=__dirname+"/",s=function(t){return a||(a=require("fs")),i||(i=require("path")),t=i.normalize(t),a.readFileSync(t,null)},c=function(t){return(t=s(t)).buffer||(t=new Uint8Array(t)),t.buffer||B("Assertion failed: undefined"),t},1<process.argv.length&&process.argv[1].replace(/\\/g,"/"),process.argv.slice(2),process.on("uncaughtException",(function(t){throw t})),process.on("unhandledRejection",B),e.inspect=function(){return"[Emscripten Module object]"};var l,o=e.print||console.log.bind(console),u=e.printErr||console.warn.bind(console);for(r in n)n.hasOwnProperty(r)&&(e[r]=n[r]);n=null,e.wasmBinary&&(l=e.wasmBinary),"object"!=typeof WebAssembly&&u("no native wasm support detected");var f,d,p,y,h,v,P=new WebAssembly.Table({initial:717,maximum:717,element:"anyfunc"}),x=!1,m="undefined"!=typeof TextDecoder?new TextDecoder("utf8"):void 0;function g(t,e,r){var n=e+r;for(r=e;t[r]&&!(r>=n);)++r;if(16<r-e&&t.subarray&&m)return m.decode(t.subarray(e,r));for(n="";e<r;){var _=t[e++];if(128&_){var s=63&t[e++];if(192==(224&_))n+=String.fromCharCode((31&_)<<6|s);else{var c=63&t[e++];65536>(_=224==(240&_)?(15&_)<<12|s<<6|c:(7&_)<<18|s<<12|c<<6|63&t[e++])?n+=String.fromCharCode(_):(_-=65536,n+=String.fromCharCode(55296|_>>10,56320|1023&_))}}else n+=String.fromCharCode(_)}return n}function E(t){return 0<t%65536&&(t+=65536-t%65536),t}function N(t){d=t,e.HEAP8=p=new Int8Array(t),e.HEAP16=h=new Int16Array(t),e.HEAP32=v=new Int32Array(t),e.HEAPU8=y=new Uint8Array(t),e.HEAPU16=new Uint16Array(t),e.HEAPU32=new Uint32Array(t),e.HEAPF32=new Float32Array(t),e.HEAPF64=new Float64Array(t)}"undefined"!=typeof TextDecoder&&new TextDecoder("utf-16le");var I=e.TOTAL_MEMORY||16777216;function b(t){for(;0<t.length;){var r=t.shift();if("function"==typeof r)r();else{var n=r.cu;"number"==typeof n?void 0===r.Ot?e.dynCall_v(n):e.dynCall_vi(n,r.Ot):n(void 0===r.Ot?null:r.Ot)}}}(f=e.wasmMemory?e.wasmMemory:new WebAssembly.Memory({initial:I/65536}))&&(d=f.buffer),I=d.byteLength,N(d),v[39960]=5402880;var w=[],k=[],A=[],C=[];function F(){var t=e.preRun.shift();w.unshift(t)}var T=Math.abs,K=Math.ceil,L=Math.floor,R=Math.min,S=0,z=null;function B(t){throw e.onAbort&&e.onAbort(t),o(t),u(t),x=!0,new WebAssembly.RuntimeError("abort("+t+"). Build with -s ASSERTIONS=1 for more info.")}function Y(){var t=D;return String.prototype.startsWith?t.startsWith("data:application/octet-stream;base64,"):0===t.indexOf("data:application/octet-stream;base64,")}e.preloadedImages={},e.preloadedAudios={};var U,H,D="libfoundation.wasm";if(!Y()){var M=D;D=e.locateFile?e.locateFile(M,_):_+M}function O(t,e){for(var r=0,n=t.length-1;0<=n;n--){var _=t[n];"."===_?t.splice( ...

... AND MORE LOGS WHICH I PUT THEM IN A FILE YOU CAN SEE AT THE END (~400k characters of log) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ^

RuntimeError: abort(TypeError: Failed to parse URL from /usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/libfoundation.wasm). Build with -s ASSERTIONS=1 for more info.
    at process.B (/usr/src/app/node_modules/virgil-crypto/node_modules/@virgilsecurity/core-foundation/node.cjs.js:1:2501)
    at process.emit (node:events:517:28)
    at emit (node:internal/process/promises:149:20)
    at processPromiseRejections (node:internal/process/promises:283:27)
    at process.processTicksAndRejections (node:internal/process/task_queues:96:32)

the log above is just a brief slice of the actual log but I attached a file at the end so you can see the complete version of it.

Please give me more understanding about this issue.
why the log is this huge? why it makes the container restart? I don't know why it happens and how I can fix it.
I believe that this is an issue of the virgil-crypto library and I think that it's OK to pop this huge error log and crash the app.

by the way this is the complete log:

logs-virgil.txt

and appreciate for you library and considerations.

Missing and invalid compilation of virgil_js.node

First of all, the file virgil_js.node require by ./src/node/index.js is missing, he should be in main folder.
When i DL the lib by npm, the file is here this time, but when added to the whole folder, we get this error when require in a nodeJS project :
"errorMessage": "/var/task/virgil/src/virgil-crypto/virgil_js.node: invalid ELF header"
and i found that the file was missing thanks to this error line :
"Object. (/var/task/virgil/src/virgil-crypto/src/node/index.js:1:76)"

I'm building on a lambda machine on AWS, i tried nodeJS 6.10 and nodeJS 4.3 too
May someone could help me ?
Thanks

Problem with generating tokens

When generating a token on the back-end side, virgilCrypto.importPrivateKey is throwing an exception :
Error: Cannot use global instances if the 'resetGlobalInstances' function has been called or 'createGlobalInstances' function has not been called yet.

Node Version: 12.12.0
Virgil Crypto Version: ^4.0.0-alpha.18
Virgil SDK Version: ^6.0.0-alpha.6

How to import ed25519 keys?

I am trying to import PEM encoded ed25519 keys (these are derived from test vectors, not used in anything real)

But when I do importPrivateKey I get:

Error: Module: virgil/crypto. Error code: 7. Invalid format of the Public Key.
Module: virgil/crypto/mbedtls. Error code: -14848. PK - Elliptic curve is unsupported (only NIST curves are supported)

Is there some other way to create VirgilPrivateKey and VirgilPublicKey objects?

Update webpack example for v5

The webpack example is for v4 of this lib, and webpack 4. An updated example using webpack 5 and v5 of this lib would be appreciated.

[v5.0.0] Error: Cannot find module '@virgilsecuritycore-foundationode.cjs.js'

I have issue with 5.0.0 version.
the code with version 4.2.2 works fine but at the version 5.0.0 I have this issue:

Error: Cannot find module '@virgilsecuritycore-foundationode.cjs.js'
Require stack:
- /usr/src/app/node_modules/virgil-crypto/dist/node.cjs.js
- ...

this is the v4.2.2 issued file:

v5.0.0 issued file:

It seems there is a problem with the line 4.

am I doing something wrong?

Unit Testing with Jest -- FoundationError: One of the entropy sources failed.

Jest coops module loading in javascript for the purposes of unit testing (not sure why), and it's causing initCrypto() to fail with the error:

FoundationError: One of the entropy sources failed.

I'm not sure if it's Jest that has to fix this or Virgil, but I do know that Virgil could debug this further to determine what's actually broken and pinpoint what Jest actually needs to fix or support.

generateKeyPair for RSA PRIVATE KEY or PRIVATE KEY

Hi,

Actually, when we generate a key pair, we have a privatekey encoding with PKCS#8 crypted by a password, "-----BEGIN ENCRYPTED PRIVATE KEY----- [...] -----END ENCRYPTED PRIVATE KEY----- ".
var keyPair = VirgilCrypto.generateKeyPair(keyPBKDF2,VirgilCrypto.KeysTypesEnum.RSA_2048);

is it possible to convert him to have a header of the form "-----BEGIN PRIVATE KEY----- [...] or "-----BEGIN RSA PRIVATE KEY----- [...] ?

Thank you and sorry for my english.
Regards

Steps to use this library for RSA and AES Encryption and decryption

Hello, please how to i go about using this Library for RSA and AES Encryption and decryption in react native.

How to compile for node 8.10?

I'm getting following error, how can I re-compile for node 8.10?

    module initialization error: Error
    was compiled against a different Node.js version using
    NODE_MODULE_VERSION 64. This version of Node.js requires
    NODE_MODULE_VERSION 57. Please try re-compiling or re-installing
    the module (for instance, using `npm rebuild` or `npm install`).
    at Object.Module._extensions..node (module.js:681:18)
    at Module.load (module.js:565:32)
    at tryModuleLoad (module.js:505:12)
    at Function.Module._load (module.js:497:3)
    at Module.require (module.js:596:17)
    at require (internal/module.js:11:18)
    at Object.<anonymous> (/var/task/node_modules/virgil-crypto/dist/virgil-crypto.cjs.js:5:11)
    at Module._compile (module.js:652:30)
    at Object.Module._extensions..js (module.js:663:10)
    at Module.load (module.js:565:32)

e3kit-node using this in electron v8.3.0

I get the following error when attempting to use this package as part of e3kit-node in electron v8.3.0.

RuntimeError: abort(UnhandledRejection TypeError: `groupStorageName` is not a valid path). Build with -s ASSERTIONS=1 for more info.
    at process.B (webpack:///./node_modules/@virgilsecurity/core-foundation/node.es.js?:2:2534)
    at process.emit (events.js:215:7)
    at process.EventEmitter.emit (domain.js:476:20)
    at processEmit (webpack:///./node_modules/proper-lockfile/node_modules/signal-exit/index.js?:155:32)
    at processEmit [as emit] (C:\Users\Cam\projects\netcountable-desktop\truple\node_modules\write-file-atomic\node_modules\signal-exit\index.js:155:32)
    at processPromiseRejections (internal/process/promises.js:201:33)
    at processTicksAndRejections (internal/process/task_queues.js:94:32)
    at runNextTicks (internal/process/task_queues.js:62:3)
    at listOnTimeout (internal/timers.js:501:9)
    at processTimers (internal/timers.js:475:7)

Use of eval causes security error in Electron

Hi, when using this in Electron the use of eval in rollup-plugin-global-script.js causes this error:

/home/max/exodus/exodus/src/node_modules/@virgilsecurity/e3kit/dist/e3kit.browser.umd.min.js:1 [global-script] EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self'".


    at eval (<anonymous>)
    at /home/max/exodus/exodus/src/node_modules/@virgilsecurity/e3kit/dist/node_modules/virgil-crypto/dist/virgil-crypto-pythia.browser.es.js:3009
    at /home/max/exodus/exodus/src/node_modules/@virgilsecurity/e3kit/dist/node_modules/virgil-crypto/dist/virgil-crypto-pythia.browser.es.js:3009

Similar issue: firebase/firebase-js-sdk#798

Failed to download Virgil Crypto Node.js Addon - which node version is supported by virgil-crypto?

Hey. Which version of node is supported by the virgil-crypto package?
And is it possible to run this package on Firebase Cloud Functions with node 8?

I saw this issue #7
and @vadimavdeev wrote

Currently, only versions 4.x - 6.x are supported.

So what about current situation?

[React Native] Virgil Crypto slow performance with large number of messages

Hi,
I'm using virgil-crypto and virgil-sdk in a React Native project, in which I'm building a real-time chat with Firestore through react-native-firebase. I'm trying to reproduce eThree kit.

I noticed that Virgil Crypto is very slow to perform decryptThenVerify method in a loop of snapshot docs, specially when I call messages for the first time.

I have this situation:

componentDidMount = async () => {
  ...
  this._currUser = firebase.auth().currentUser;
  this.publicKey = await this._eThree.lookupPublicKeys(receiverUid);
  this.unsubscribe = this.chatRoomRef.orderBy('createdAt', 'desc').limit(20).onSnapshot(this._chatRoomListener);
  ...
}
_chatRoomListener = async (querySnapshot) => {
  console.log(querySnapshot.docs); // <-- THIS LOG APPEARS IMMEDIATELY
  const messages = await Promise.all(
    querySnapshot.docs.map(async doc => {
      let _publicKey = doc.data().uid !== this._currUser.uid
        ? this._eThree.parsePublicKey(this.publicKey) // <-- MY CUSTOM METHOD, SEE BELOW
        : null;
      let isDeleted = typeof doc.data().text === 'boolean' && !doc.data().text;
      let decryptedText = !isDeleted ? await this._eThree.decrypt(doc.data().text, _publicKey) : i18n.t('chat.messages.deleted_message');
      let loadedMessage = { ...doc.data(), text: decryptedText, deleted: isDeleted };
      return createGiftedChatItem(doc.id, loadedMessage);
    })
  );
  console.log(messages); // <-- THIS LOG APPEARS AFTER FEW SECONDS
  this.setState({messages});
}

and in my custom EThree class I have this situation:

...
async decrypt(message, publicKey) {
  const isMessageString = isString(message);

  const privateKey = await this._keyLoader.loadLocalPrivateKey();
  if (!privateKey) throw new Error('This identity is not registered');
  if (!publicKey) publicKey = this.virgilCrypto.extractPublicKey(privateKey);

  const res = this.virgilCrypto.decryptThenVerify(message, privateKey, publicKey);
  if (isMessageString) return res.toString('utf8');
  return res;
}
...
parsePublicKey = (publicKey) => {
  return this.virgilCrypto.importPublicKey(publicKey);
}
...

What could the performance problem be related to?

wasm-eval

The wasm libraries used by e3kit-js found in this project require 'wasm-eval' in the content security policy. This is a security risk. To complicate matters, Google is forcing Chrome extensions to use Manifest v3 as of June 1st 2024 (all other chrome extensions will be disabled/removed from the users device). Manifest v3 does not allow content security policies with "wasm-eval".

Why do these libraries require wasm-eval? I can't think of a reason it would be necessary, but I don't know much about these libs.

Catches uncaught exceptions

The vigil module is catching all uncaught exceptions from Node.js. Bad Form. Please, stop. The console dump is a bit harsh as well.

Example:

import { initCrypto } from "virgil-crypto";
initCrypto();

function unhandledError(err: any): void {
  logger.error("terminating due to unhandled error:", err);
  process.exit(3);
}

process.on("uncaughtException", unhandledError);
process.on("unhandledRejection", unhandledError);

throw Error("foo");

unhandledError() is never called.

This really makes us worry how well this module is written. This is so basic.

[React Native] Can't find variable: self

Hello there,
I'm trying to use just virgil-crypto and virgil-sdk libraries in a React Native project without e3kit, but I'm encountering the following error when debug is disabled

Cant' find variable: self

The error appears to come before I initialize the method new VirgilCrypto(), it already happens when I import the module with import { VirgilCrypto } from 'virgil-crypto';

If debug is active, the error goes away.
Any idea?

package.json

  "dependencies": {
    "@virgilsecurity/key-storage-rn": "0.1.3",
    "buffer": "5.2.1",
    "react": "16.8.3",
    "react-native": "0.59.8",
    "react-native-firebase": "5.3.1",
    "react-native-gesture-handler": "1.2.1",
    "react-native-gifted-chat": "0.8.2",
    "react-native-keychain": "3.1.3",
    "react-navigation": "3.9.2",
    "virgil-crypto": "3.2.2",
    "virgil-sdk": "5.2.3"
  },