Node.js
SmartField SDK for Node.js
Decrypt SmartField encrypted data with Node.js. Works with Express. Tested on port 3333.
Installation
npm install @smartfield-dev/server
Initialize
const sf = require('@smartfield-dev/server');
await sf.init();
app.use(sf.middleware());
This generates RSA-2048 keys locally. Keys are stored in .smartfield/ and never sent anywhere.
Decrypt
const password = await sf.decrypt(req.body.password);
That's it. The encrypted payload from the browser is decrypted server-side. Only your server has the private key.
How It Works
- Browser: SmartField encrypts user input with AES-256-GCM
- Browser: AES key is wrapped with your server's RSA-2048 public key
- Network: Encrypted payload sent to your Node.js server
- Server: RSA private key unwraps the AES key
- Server: AES key decrypts the data
- Server: Plaintext available only here
Frontend Setup
<script src="https://cdn.smartfield.dev/v1/smartfield.js"></script>
<smart-field type="password"
encrypt-key="/api/sf-key"
placeholder="password"></smart-field>
Encryption Details
- Data encryption: AES-256-GCM (NIST SP 800-38D)
- Key exchange: RSA-OAEP-2048 (NIST SP 800-56B)
- Random generation: Cryptographically secure (Web Crypto API)
- Payload format: Base64(JSON{v, iv, key, data})
- New key per encryption: Forward secrecy per keystroke
Related Pages