npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@qnx/crypto

v0.7.13

Published

Crypto functions

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

yatendra121kushwahayatendra121kushwaha

Keywords

cryptojose

Readme

@qnx/crypto

@qnx/crypto provides utility functions to generate and decrypt JSON Web Signatures (JWS) and JSON Web Encryption (JWE) using the jose cryptography library for secure data transmission.

✨ Features

  • 🔐 JWT signing and verification
  • 🔒 JWE encryption and decryption
  • 🔁 Auth token generator/decryptor
  • 📦 Built on the JOSE standard

📦 Installation

Install via your preferred package manager:

# npm
npm install @qnx/crypto

# yarn
yarn add @qnx/crypto

# pnpm
pnpm install @qnx/crypto

🔗 Peer Dependency

Install jose (required):

npm install jose

🚀 Usage

🔧 Core Functions

| Function | Purpose | | ------------ | ------------------------ | | jwtSign | Sign a JWT payload | | jwtVerify | Verify a JWT token | | jweEncrypt | Encrypt a payload to JWE | | jweDecrypt | Decrypt a JWE token |

jwtSign

Signs and returns a JWT using a symmetric secret.

import { jwtSign, toSymmetricSecret } from '@qnx/crypto'

const data = { foo: 'bar' }
const secret = toSymmetricSecret('SECRET_STRING')

const jwt = await jwtSign({ data }, secret, { alg: 'HS256' })

jwtVerify

Verifies the JWT format, signature, and claims set.

import { jwtVerify, toSymmetricSecret } from '@qnx/crypto'

const secret = toSymmetricSecret('SECRET_STRING')
const { payload } = await jwtVerify(jwt, secret)

🔐 jweEncrypt

Encrypts a string using JWE.

import { jweEncrypt, toPKCS8Secret } from '@qnx/crypto'

const secret = await toPKCS8Secret(process.env.ENCRYPTION_SECRET_JWE, 'ECDH-ES+A128KW')
const jwe = await jweEncrypt('this is message.', secret)

🔓 jweDecrypt

Decrypts a previously encrypted JWE string.

import { jweDecrypt, toPKCS8Secret } from '@qnx/crypto'

const secret = await toPKCS8Secret(process.env.ENCRYPTION_SECRET_JWE, 'ECDH-ES+A128KW')
const { plaintext } = await jweDecrypt(jwe, secret)

🔐 Auth Token Management

🔧 Environment Setup

Ensure these environment variables are set:

ENCRYPTION_SECRET_JWT=your_jwt_secret
ENCRYPTION_SECRET_JWE=your_jwe_secret

🛠️ generateAuthToken

Creates a signed and encrypted auth token.

import { generateAuthToken } from '@qnx/crypto'

const subject = 'userId'
const { token, dbToken } = await generateAuthToken(subject)

// token: Encrypted token for client
// dbToken: Unique identifier for storage

🥪 decryptAuthToken

Decrypts and verifies the encrypted auth token.

import { decryptAuthToken } from '@qnx/crypto'

const encryptedToken = '...' // Your token here

try {
  const decryptedPayload = await decryptAuthToken(encryptedToken)
  // Use the decrypted payload
} catch (error) {
  console.error('Token decryption failed:', error)
}

🤝 Contributing

Pull requests are welcome! For major changes, please open an issue first to discuss what you’d like to change. Make sure to update or add tests where appropriate.

📄 License

MIT License © 2023-PRESENT Yatendra Kushwaha