AWS Encryption SDK for JavaScript client for Node.js
@aws-crypto/client-node
The client-node module includes all of the modules you need to use the AWS Encryption SDK for
JavaScript with Node.js.
- decrypt-node
- encrypt-node
- kms-keyring-node
- material-management-node
- caching-materials-manager-node
- raw-aes-keyring-node
- raw-rsa-keyring-node
For code examples that show you how to these modules to create keyrings and encrypt and decrypt data, install the example-node module.
install
To install this module, use the npm package manager. For help with installation, see
https://www.npmjs.com/get-npm.
npm install @aws-crypto/client-node
use
For detailed code examples
that show you how to these modules
to create keyrings
and encrypt and decrypt data,
install the example-node module.
const generatorKeyId = 'arn:aws:kms:us-west-2:658956600833:alias/EncryptDecrypt'
const keyIds = ['arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f']
const keyring = new KmsKeyringNode({ generatorKeyId, keyIds })
const context = {
stage: 'demo',
purpose: 'simple demonstration app',
origin: 'us-west-2'
}
const cleartext = 'asdf'
const { result } = await encrypt(keyring, cleartext, { encryptionContext: context })
const { plaintext, messageHeader } = await decrypt(keyring, result)
const { encryptionContext } = messageHeader
Object
.entries(context)
.forEach(([key, value]) => {
if (encryptionContext[key] !== value) throw new Error('Encryption Context does not match expected values')
})
test
npm test
Compatibility Considerations
RSA Options
Node.js crypto does not support all RSA key wrapping options supported by other other implementation of the AWS Encryption SDK
The supported configurations are:
- OAEP with SHA1 and MGF1 with SHA1
- PKCS1v15
license
This SDK is distributed under the
Apache License, Version 2.0,
see LICENSE.txt and NOTICE.txt for more information.