Software Development Kit (SDK)
This page describes how to use the Confidencial SDK, which lets developers perform Confidencial actions such as decryption within their applications. Please contact us if you would like to get access to it.
The SDK is currently available in JavaScript and consists of one function, which supports the decryption of files. Support for encryption and other languages is coming soon. Have a language you’d like to see supported? Contact us.
While the SDK does not currently support encryption, the Confidencial Command-Line Interface (CLI) can be used to encrypt files and can be invoked from JavaScript code running in a Node environment (using the
child_process
module)Set up
Referencing the library
To use the Confidencial SDK in your JavaScript code, include a reference to the main SDK file,
c11-sdk-js.min.js
. For example, if the SDK is being used within a web page, include the following line within the <head>
element of the HTML<script src="sdk-location/c11-sdk-js.min.js"></script>
where
sdk-location
is the path to the main SDK file.Namespace
All SDK functions are contained within the
C11
namespace (e.g. C11.removeEncryption
)Private (decryption) keys
To use decryption functions within the SDK, valid private (decryption) keys are required for all files to be decrypted. Private keys can be obtained by following the instructions in Obtaining public-private key pairs for use with the Confidencial SDK.
Functions
removeEncryption(file, privateKeyPemMap)
Removes encryption from (decrypts) a file
Input arguments
-
file
is aFile
object referencing the file to be decrypted
privateKeyPemMap
is a dictionary object that maps public key hashes (stored asstring
) to private keys in PEM format (also stored asstring
)- The keys in this dictionary object are strings that represent the hashes of public keys
- The values in this dictionary object are strings that represent the corresponding private keys in PEM format
- Both public key hashes and private key PEMs can be obtained using the Confidencial Desktop App or Web App; see Obtaining public-private key pairs for use with the Confidencial SDK
- See the partial code example below for how a private key map can be assembled once public key hashes and private key PEMs are obtained
Return value
Upon success
removeEncryption
returns a File
object representing the decrypted filePartial example
The example below assumes
privateKeyfileElement
and encryptedPdfFileElement
are HTML file
inputs and publicKeyHashElement
is an HTML text
input.const privateKeyFile = privateKeyfileElement.files[0]; const encryptedPdfFile = encryptedPdfFileElement.files[0]; const publicKeyHash = publicKeyHashElement.value; const privateKeyMap = {}; privateKeyMap[publicKeyHash] = await privateKeyFile.text(); const decryptedFile = await C11.removeEncryption(encryptedPdfFile, privateKeyMap);
Full example
The example below contains a complete HTML page that allows a user to decrypt a file. The HTML page contains
file
inputs for the user to upload a file to be decrypted and a file representing the private (decryption) key in PEM format. The page also contains a text
input for the user to supply the hash of the public (encryption) key that corresponds to the uploaded private key.To avoid CORS errors, the HTML page below should be accessed through a web server (running either locally or in the cloud). Viewing this page directly in a web browser will not work if your browser is enforcing CORS restrictions (as most browsers do by default).
NOTE: The script below assumes the main SDK file,
c11-sdk-js.min.js
, is being served by a local web server running on port 8080. Adjust the <script src="...">
line in the code below accordingly if you are hosting the SDK file in a different location.To avoid invalid character errors, make sure the web server serving the SDK file is sending the appropriate content type header (
Content-Type: application/javascript; charset=UTF-8
)<!DOCTYPE html> <html> <head> <title>C11-SDK-Encryption-Removal</title> <script src="http://127.0.0.1:8080/c11-sdk-js.min.js"></script> <script> async function removeEncryption() { console.log("removeEncryption started"); let publicKeyHashElement = document.getElementById("PublicKeyHash"); if (publicKeyHashElement.value.length === 0) { alert("Please enter your Public Key Hash"); return; } let privateKeyfileElement = document.getElementById("privateKey"); if (privateKeyfileElement.files.length === 0) { alert("Please upload your private Key"); return; } let encryptedPdfFileElement = document.getElementById("encryptedPdfFile"); if (encryptedPdfFileElement.files.length === 0) { alert("Please upload encrypted Pdf File"); return; } let privateKeyFile = privateKeyfileElement.files[0]; let encryptedPdfFile = encryptedPdfFileElement.files[0]; let publicKeyHash = publicKeyHashElement.value; const privateKeyMap = {}; privateKeyMap[publicKeyHash] = await privateKeyFile.text(); const decryptedFile = await C11.removeEncryption(encryptedPdfFile, privateKeyMap); if (window.navigator.msSaveOrOpenBlob) // IE10+ window.navigator.msSaveOrOpenBlob(decryptedFile, filename); else { // Others var a = document.createElement("a"), url = URL.createObjectURL(decryptedFile); a.href = url; a.download = encryptedPdfFile.name; document.body.appendChild(a); a.click(); setTimeout(function () { document.body.removeChild(a); window.URL.revokeObjectURL(url); }, 0); } } </script> <style> form { margin: 20px auto; max-width: 600px; padding: 20px; border: 1px solid #ccc; border-radius: 5px; } label { display: block; margin-bottom: 10px; font-weight: bold; } input[type="text"], input[type="file"] { display: block; margin-bottom: 20px; width: 100%; padding: 10px; border-radius: 5px; border: 1px solid #ccc; box-sizing: border-box; } input[type="button"] { background-color: #08329d; color: white; padding: 10px 20px; border: none; border-radius: 5px; cursor: pointer; } input[type="button"]:hover { background-color: #3e558e; } </style> </head> <body> <form> <label for="PublicKeyHash">Your Public Key Hash:</label> <input type="text" id="PublicKeyHash" name="PublicKeyHash" placeholder="Enter Your Public Key Hash" /> <label for="privateKey">Your Private Key:</label> <input type="file" accept=".key" id="privateKey" name="privateKey" /> <label for="encryptedPdfFile">Encrypted Pdf File:</label> <input type="file" accept=".pdf" id="encryptedPdfFile" name="encryptedPdfFile" /> <input type="button" value="Decrypt" onclick="removeEncryption()" /> </form> </body> </html>