npm
Sign UpSign In

@autotelic/envelope-encryptor
TypeScript icon, indicating that this package has built-in type declarations

0.6.2 • Public • Published

envelope-encryptor

Envelope encryption with configurable KMS.

Installation

npm install @autotelic/envelope-encryptor

Usage

// Using AWS KMS
import { createEnvelopeEncryptor, awsKms } from '@autotelic/envelope-encryptor'

const {
  AWS_REGION,
  KMS_KEY_ID,
  KMS_ACCESS_KEY_ID,
  KMS_SECRET_ACCESS_KEY
} = process.env

const keyService = awsKms(KMS_KEY_ID, {
  region: AWS_REGION,
  credentials: {
    accessKeyId: KMS_ACCESS_KEY_ID,
    secretAccessKey: KMS_SECRET_ACCESS_KEY
  }
})

const encryptor = createEnvelopeEncryptor(keyService)

const { encrypt, decrypt } = encryptor

// encrypt; store these in the db; plaintext is encrypted at rest
const {
  ciphertext,
  key,
  salt
 } = await encrypt('plaintext')

// decrypt
const plaintext = await decrypt({
  ciphertext: ciphertext.toString(),
  key,
  salt
})

In development and testing

Don't need to use a real KMS, so export

Readme

Keywords

Package Sidebar

Install

npm i @autotelic/envelope-encryptor

Repository

github.com/autotelic/envelope-encryptor

Homepage

github.com/autotelic/envelope-encryptor#readme

Weekly Downloads

73

Version

0.6.2

License

MIT

Unpacked Size

7.66 kB

Total Files

8

Last publish

Collaborators

  • autotelic
Try on RunKit
Report malware