@gasbuddy/kms-crypto
v5.1.2
Published
Crytography operations that use Amazon Key Management Service, with reasonable development time proxies
Downloads
615
Readme
kms-crypto
The kms-crypto module creates a generic interface for Key Management Services which allows reasonably flexible usage between true cloud providers (currently only AWS) and local encryption (mostly for development).
The key resource name is used to differentiate between the service providers, and the service provider is embedded in encrypted values (e.g. ciphertext). PLEASE NOTE - the examples use null:whatever
but DO NOT USE THAT IN PRODUCTION CODE. Your key should start with kms:
and you should get that key ARN from the ops team.
import assert from 'assert';
import { createKmsCryptoProvider } from '@gasbuddy/kms-crypto';
(async () => {
const kms = createKmsCryptoProvider({});
const encBlob = kms.encrypt('null:whatever', 'somethingunique', 'testing123');
const decBlob = kms.decrypt('somethingunique', encBlob);
assert.equals(decBlob.toString(), 'testing123');
})();