@aws-crypto/node-jose_aws-kms-extension v2.0.2
node-jose_aws-kms-extension
This library is an extension of the node-jose library, and uses monkey-patching to extend the capabilities of node-jose. It provides JWE-based encrypters/decrypters and JWS-based signers/verifiers for cryptographic operations with keys stored in AWS Key Management Service (KMS).
Installation
You can install the library from npm using the following command. This library requires Node.js 18 or above.
npm install @aws-crypto/node-jose_aws-kms-extension
Usage
Import the necessary classes from @aws-crypto/node-jose_aws-kms-extension
module:
import {
KMSAsymmetricSigningKey,
KMSSymmetricCEK,
KMSSymmetricKey,
} from '@aws-crypto/node-jose_aws-kms-extension';
Import the main jose object.
import { jose } from '@aws-crypto/node-jose_aws-kms-extension';
Now, you can use all existing node-jose features as you would in the absence of this library. This library adds AWS KMS support transparently. You can use your AWS KMS keys for various encryption and signing operations using the regular node-jose functions. AWS KMS-specific algorithm names are supported.
Supported node-jose
functions include:
jose.JWE.createEncrypt()
jose.JWE.createDecrypt()
jose.JWS.createSign()
jose.JWS.createVerify()
This library uses @aws-sdk/client-kms for all its communication with AWS KMS.
For consolidated usage examples, see Example
Security
See CONTRIBUTING for more information.
License
This library is distributed under the Apache License, Version 2.0, see LICENSE and NOTICE for more information.