JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 38
  • Score
    100M100P100Q92860F
  • License MIT

FIPS-compatible RSA decryption module for AES session key handling (Node.js / Node-RED / PCI DSS)

Package Exports

  • fips-rsa-crypto
  • fips-rsa-crypto/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (fips-rsa-crypto) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

fips-rsa-crypto

FIPS-compatible RSA decryption module for decrypting **AES session keys handling **in secure financial or payment integrations (e.g., Payment Service Providers, banking APIs, or PCI DSS systems). Designed for Node.js ≥18 and Node-RED, fully compliant with PCI DSS 4.0 (3.5 / 3.6).

This module was originally designed for Payment Service Provider (PSP) integrations, where the PSP encrypts the transaction data using AES and RSA keys. However, it can be used in any project requiring FIPS-compliant RSA decryption.

🔐 Features

  • RSA-2048 / PKCS#1 v1.5 decryption (legacy-compatible, suitable for PSP and banking APIs)
  • Uses OpenSSL 3.0 / FIPS-capable libraries (Ubuntu 22.04 LTS and newer)
  • AES-256-CTR ready – for decrypting encrypted financial or payment payloads
  • 100% in-memory – no temporary files, no subprocess calls
  • Compatible with Node-RED Function nodes and plain Node.js ≥ 18
  • Cross-platform – Linux, macOS, Windows, ARM

📦 Installation

npm install fips-rsa-crypto

---

### ⚙️ Example Usage

```js
import { decrypt } from 'fips-rsa-crypto';
import crypto from 'crypto';

// Simulated PSP response (encrypted symmetric key)
const encryptedKeyBase64 = 'MIIClzBABgkqhkiG9w0BB...';  // example data
const privateKeyPem = `
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC4qv5D...
-----END RSA PRIVATE KEY-----
`;

// 1️ Decrypt symmetric AES key from PSP response
const decryptedKeyJSON = decrypt(encryptedKeyBase64, privateKeyPem);
const { key, iv } = JSON.parse(decryptedKeyJSON);

// 2️ Use decrypted AES key to decrypt PSP "info" field
const encryptedInfo = 'CjAd3T8p...'; // PSP 'info' field in base64
const decipher = crypto.createDecipheriv(
  'aes-256-ctr',
  Buffer.from(key, 'base64'),
  Buffer.from(iv, 'base64')
);

const decryptedData = Buffer.concat([
  decipher.update(Buffer.from(encryptedInfo, 'base64')),
  decipher.final()
]);

console.log('Decrypted PSP payload:', decryptedData.toString());