Function decryptSHLFile

decryptSHLFile(
params: { jwe: string; key: string },
): Promise<{ content: string; contentType: undefined | string }>
Decrypts JWE Compact using A256GCM direct decryption.

Follows the SMART Health Links specification for file decryption. The function:
1. Decrypts the JWE using the provided key
2. Extracts the content type from the cty header
3. Decompresses the content if zip=DEF is present
4. Returns the plaintext content and content type
Parameters
- params: { jwe: string; key: string }
  - jwe: string
    JWE Compact serialization string (5 base64url parts separated by dots)
  - key: string
    256-bit decryption key encoded as base64url (43 characters). Must be the same key used for encryption.
Returns Promise<{ content: string; contentType: undefined | string }>
Promise resolving to decrypted file object with content and contentType
Throws
SHLDecryptionError When JWE decryption fails due to invalid key, malformed JWE, or missing content type

Throws
SHLDecryptionError When decompression fails for zip=DEF content
Example
```
// Decrypt a file
const { content, contentType } = await decryptSHLFile({
  jwe: 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiY3R5IjoiYXBwbGljYXRpb24vZmhpcitqc29uIn0...',
  key: 'abc123...' // same key used for encryption
});

if (contentType === 'application/fhir+json') {
  const fhirResource = JSON.parse(content);
  console.log('Resource type:', fhirResource.resourceType);
} else if (contentType === 'application/smart-health-card') {
  const shcFile = JSON.parse(content);
  console.log('Verifiable credentials:', shcFile.verifiableCredential);
}
```
- Defined in src/shl/crypto.ts:143

Function decryptSHLFile

Parameters

jwe: string

key: string

Returns Promise<{ content: string; contentType: undefined | string }>

Throws

Throws

Example

Settings