npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@randlabs/encrypted-local-storage

v2.0.0

Published

* [Overview](#Overview) * [How does it work?](#How-does-it-work?) * [Installation](#Installation) * [API Usage](#API-Usage) * [Create new password](#Create-new-password) * [Verify password](#Verify-password) * [Create AppStorage instance](#Create-Ap

Downloads

544

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mpicco-randlabsmpicco-randlabsmxmauromxmauroalex99yalex99y

Keywords

storageencrypted

Readme

Encrypted Local Storage

Overview

Encrypted local storage is a Javascript library developed by Rand Labs to securely store the information in the browser and primarily used by MyAlgo Wallet. It uses the browser’s IndexedDB API for storage and the WebCrypto API to create the keys and encrypt/decrypt data.

How does it work?

Encrypted local storage uses two different zones to store data, one for passwords and private keys, and the other to store public information.

For the former, we use the AES-GCM algorithm with a 12 bytes IV and 32 bytes salt. Also we use PBKDF2 to generate the keys with the supplied password and a configuration of 256-bit length, 32 bytes salt, SHA-512, and 1 million iterations.

For public data, a 256-bit obfuscation key is created with a 16-byte IV and used in conjunction with AES-CBC to protect public data. Despite it isn’t necessary to protect public data, users might want to hide them.

To ensure a high entropy in all generated random numbers, WebCrypto’s random number generator is used.

Password verification involves decryption of the obfuscation key concatenated with a specific phrase using AES-GCM. We check both successful decryption and correctness of the phrase. After this, the obtained obfuscation key is used to decrypt the public information.

At last, every time data is saved in the storage, a new IV and SALT pair is generated and used to encrypt such data.

Installation

The library can be installed via npm:

npm install @randlabs/encrypted-local-storage

API Usage

Create new password

import AppStorage from "@randlabs/encrypted-local-storage"

const passwordKey = "masterkey"; // IndexedDB key
const password = "secret-password";

(async () => {
    await AppStorage.createPassword(passwordKey, password);
})().catch(e => {
    console.log(e);
});

Verify password

(async () => {
    const obfuscatekey = await AppStorage.verifyPassword(passwordKey, password);
})().catch(e => {
    console.log(e); // Invalid password
});

Create AppStorage instance

const appStorage = new AppStorage(); // obfuscatekey param its optional
const obfuscatekey = appStorage.getStorageKey();

Storing data

const itemKey = "info";
const obj = { name: "Jay", phone: "156988460", zipcode: 546944 }
(async () => {
    const appStorage = new AppStorage(obfuscatekey);
    await appStorage.saveItemToStorage(itemKey, obj);
})().catch(e => {
    console.log(e);
});

Loading data

(async () => {
    const appStorage = new AppStorage(obfuscatekey);
    const data = await appStorage.loadItemFromStorage(itemKey);
    console.log(data);
})().catch(e => {
    console.log(e);
});

Storing private data

const password = "secret-password";
const itemKey = "private_key";
const privateData = "private key information";
(async () => {
    const data = new Uint8Array(Buffer.from(privateData));
    await AppStorage.savePrivatekeyToStorage(itemKey, password, data);
})().catch(e => {
    console.log(e);
});

Loading private data

const password = "secret-password";
const itemKey = "private_key";

(async () => {
    const data = await AppStorage.loadPrivatekeyFromStorage(itemKey, password, data);
    console.log(Buffer.from(data).toString());
})().catch(e => {
    console.log(e);
});

Test

Encrypted Local Storage is designed to run in the browser. You can test it locally using:

npm run test

All tests are ran using KarmaJS

Contributing

We are happy that you are interested in collaborating with our project.
To contribute, please fork the repository, clone it, make your commits, and then make a PR to the develop branch. Make sure all linter and test pass.

Copyright and License

See LICENSE file.