Skip to main content

Encryption method

Methods for Requesting a Cryptographic Signature of Messages, from SSS

requestSignEncription

  • The function has no arguments
  • ВReturn value Promise<EncryptedMessage>

This function asks the user for authorization to create an encrypted message based on the information in a given message.

// window.SSS
const message = "the message you want to encrypt";
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

window.SSS.setMessage(message, pubkey);

window.SSS.requestSignEncription().then((msg) => {
  console.log({ msg });
});
// sss-module
import { setMessage, requestSignEncription } from "sss-module";
const message = "the message you want to encrypt";
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

setMessage(message, pubkey);

requestSignEncription().then((msg) => {
  console.log({ msg });
});

getActiveAccountToken

Generates a secure encrypted authentication token using the account's public key (verifier) and the user's private key stored in the web application.

window.SSS

  • Argument
    • publicKey : string
    • customPayload : object (Can be downgraded)
    • encryptedPayload : string (Can be downgraded)
  • 戻り値 Promise<string>

sss-module

  • 引数
    • publicKey : string | PublicAccount
    • customPayload : object (Can be downgraded)
    • encryptedPayload : string (Can be downgraded)
  • 戻り値 Promise<string>

Generates a cryptographic authentication token from the active account to the specified public key. The payload of the second argument is specified in json format and combined with the default payload to create an encrypted authentication token.

Default payload

  • signerAddress : ActiveAccount address
  • iat : token generation time
  • verufierAddress : The destination address obtained from the ActiveAccount network and the destination public key specified in the argument.
  • network : ActiveAccount Network
// window.SSS
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

window.SSS.getActiveAccountToken(pubkey).then((token) => {
  console.log({ token });
});
// sss-module
import { getActiveAccountToken } from "sss-module";
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

getActiveAccountToken(pubkey).then((token) => {
  console.log({ token });
});

custom payload

An optional argument used when you want to include elements other than the default payload in the token. Creates an authentication token with the specified json object along with a default payload.

// window.SSS
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

const customPayload = {
  deadline: 60 * 60 * 24,
};

window.SSS.getActiveAccountToken(pubkey, customPayload).then((token) => {
  console.log({ token });
});
// sss-module
import { getActiveAccountToken } from "sss-module";
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

const customPayload = {
  deadline: 60 * 60 * 24,
};

getActiveAccountToken(pubkey, customPayload).then((token) => {
  console.log({ token });
});

Encryption Payload

Specifies the payload of an encrypted message generated from the server using the private key of the verifier and the public key of the user, Creates an authentication token with a server-side secret value.

// window.SSS
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

const customPayload = {
  deadline: 60 * 60 * 24,
};

const encryptedPayload = verifier.encryptMessage(
  "This is EncriptedPayload",
  userPublicKey
);

window.SSS.getActiveAccountToken(pubkey, customPayload, encryptedPayload).then(
  (token) => {
    console.log({ token });
  }
);
// sss-module
import { getActiveAccountToken } from "sss-module";
const pubkey = "===== RECIPIENT PUBLIC KEY =====";

const customPayload = {
  deadline: 60 * 60 * 24,
};

const encryptedPayload = verifier.encryptMessage(
  "This is EncriptedPayload",
  userPublicKey
).payload;

getActiveAccountToken(pubkey, customPayload, encryptedPayload).then((token) => {
  console.log({ token });
});

Authentication token decryption

Decrypt the token generated by getActiveAccountToken on the server side.

When the server receives an authentication token, it uses the user's public key and the verifier's private key, which are stored on the server, to decrypt the authentication token. The payload of the decrypted message becomes the content of the authentication token.

const authToken = "===== AUTH TOKEN =====";

const userPublicKey = PublicAccount.createFromPublicKey(user, nt);
const msg = new EncryptedMessage(authToken, userPublicKey);
const token = verifier.decryptMessage(msg, userPublicKey).payload;

console.log({ token });