JWE Compact serialization string (5 base64url parts separated by dots)
256-bit decryption key encoded as base64url (43 characters). Must be the same key used for encryption.
Promise resolving to decrypted file object with content
and contentType
SHLDecryptionError When JWE decryption fails due to invalid key, malformed JWE, or missing content type
SHLDecryptionError When decompression fails for zip=DEF content
// Decrypt a file
const { content, contentType } = await decryptSHLFile({
jwe: 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiY3R5IjoiYXBwbGljYXRpb24vZmhpcitqc29uIn0...',
key: 'abc123...' // same key used for encryption
});
if (contentType === 'application/fhir+json') {
const fhirResource = JSON.parse(content);
console.log('Resource type:', fhirResource.resourceType);
} else if (contentType === 'application/smart-health-card') {
const shcFile = JSON.parse(content);
console.log('Verifiable credentials:', shcFile.verifiableCredential);
}
Decrypts JWE Compact using A256GCM direct decryption.
Follows the SMART Health Links specification for file decryption. The function: