npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

e2db

v1.0.7

Published

e2e encryption for your database

Downloads

31

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

m-esmm-esm

Keywords

encryptionmongodbe2eee2db

Readme

:fire: :hammer: Under heavy development

E2DB - e2e encryption for your database and files

NPM Maintenance GitHub stars

Install

npm install e2db

Run tests

npm run test

Demo

https://runkit.io/m-esm/e2db/branches/master

🚀 Usage

const Cipher = require("e2db").Cipher;

async function doExample() {
  const userCloudPassword = "user cloud password";
  const globalRsaPass = "global rsa passphrase";
  // key.privateKey is encrypted with AES secret ( user cloud password )
  // key.privateKey is also protected by rsa pass phrase ( global rsa pass for your app )
  // key._id is auto generated bson object id
  const key = await Cipher.keyMaker.createKey(userCloudPassword, globalRsaPass);

  const model = {
    message: "hello world",
    secretMessage: "privacy matters",
  };

  // models could be encrypted by multiple keys
  const encryptedModel = Cipher.encryptModel(model, [key], {
    fields: ["secretMessage"],
  });

  console.log(JSON.stringify(encryptedModel, null, 2));

  // note that 5f38843239e984113d8eb8fa is our key._id
  // outputs:
  //   {
  //     "message": "hello world",
  //     "secretMessage": "P9acGm+rBD4TaUpNRZVx2/5UW8BY0d0frHHiF2l6flU=",
  //     "_cipherKeys": {
  //       "5f38843239e984113d8eb8fa": "RANDOM_AES_SECRET_ENCRYPTED_BY_RSA_KEY"
  //     },
  //     "_cipherFields": [
  //       "secretMessage"
  //     ]
  //   }

  const decryptedModel = Cipher.decryptModel(
    encryptedModel,
    key,
    userCloudPassword,
    globalRsaPass
  );

  console.log(JSON.stringify(decryptedModel, null, 2));

  // outputs:
  // {
  //   "message": "hello world",
  //   "secretMessage": "privacy matters"
  // }
}

Why?

For the sake of security and privacy for users and their data. services need only have access to part of user's data which they granted access to, remaining data should be only decrypted on user read demand. E2DB is providing a set of tools that will help you with this.

What?

  • Sensitive and private information in database records
  • Private stored files on buckets and storages

When?

When inserting the document, it should encrypt specific fields of a document that only could be decrypted when reading with a key.

How?

To ensure data is end to end encrypted on your backend:

  • Encrypt sensitive part of the document with AES

    • Keep AES secret encrypted by the RSA key alongside the document.

  • RSA public key is available in raw format to encrypt random AES secret which is used to encrypt database records/documents.

  • RSA private keys need to be encrypted using AES and persisted. the secret key for this AES cipher is our "cloud password"

  • When the cloud password changes, only RSA keys need to be encrypted again.

  • Cloud passwords should always be received from the client-side and not persisted on the server-side.

    • To prevent leaking cloud passwords in clear text format in logs or etc, we need to encrypt them by an hourly rotated secret ( cloud password salt ) which is only available on-memory with specific expire time.

  • Documents AES secret could be encrypted by multiple keys.

Road map

  • [x] Create RSA key pairs encrypted by AES secret
  • [x] Changes AES secret of a RSA key
  • [x] PassTrough stream with AES cipher
  • [x] Cipher usage example
  • [ ] Create cloud password salt
  • [ ] Mongoose example
  • [ ] NestJs example
  • [ ] ExpressJs example

Resources

  • https://nodejs.org/en/knowledge/cryptography/how-to-use-crypto-module/
  • https://gist.github.com/joepie91/7105003c3b26e65efcea63f3db82dfba

🤝 Contributing

Contributions, issues and feature requests are welcome!Feel free to check issues page. You can also take a look at the contributing guide.

Show your support

Give a ⭐️ if this project helped you!

📝 License

Copyright © 2020 Mohsen Esmaeili [email protected]. This project is MIT licensed.

Author

👤 Mohsen Esmaeili [email protected]