Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@evervault/sdk

Package Overview
Dependencies
Maintainers
5
Versions
105
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@evervault/sdk - npm Package Compare versions

Comparing version 3.14.1 to 4.0.0

8

lib/config.js

@@ -12,11 +12,7 @@ const { version } = require('../package.json');

module.exports = (apikey) => ({
module.exports = () => ({
http: {
baseUrl: process.env.EV_API_URL || DEFAULT_API_URL,
functionRunUrl: process.env.EV_CAGE_RUN_URL || DEFAULT_FUNCTION_RUN_URL,
headers: {
'API-KEY': apikey,
'user-agent': `evervault-node/${version}`,
},
responseType: 'json',
userAgent: `evervault-node/${version}`,
tunnelHostname: process.env.EV_TUNNEL_HOSTNAME || DEFAULT_TUNNEL_HOSTNAME,

@@ -23,0 +19,0 @@ certHostname: process.env.EV_CERT_HOSTNAME || DEFAULT_CA_HOSTNAME,

@@ -1,18 +0,44 @@

const { errors } = require('../utils');
const { errors, Datatypes } = require('../utils');
const phin = require('phin');
module.exports = (config) => {
const request = (method, path, headers = {}, data = undefined) => {
module.exports = (appUuid, apiKey, config) => {
const request = (
method,
path,
additionalHeaders = {},
data = undefined,
basicAuth = false,
parse = 'json'
) => {
const headers = {
'user-agent': config.userAgent,
...additionalHeaders,
};
if (basicAuth) {
headers['authorization'] = `Basic ${Buffer.from(
`${appUuid}:${apiKey}`
).toString('base64')}`;
} else {
headers['api-key'] = apiKey;
}
return phin({
url: path.startsWith('https://') ? path : `${config.baseUrl}/${path}`,
method,
headers: { ...config.headers, ...headers },
headers,
data,
parse: config.responseType,
parse,
});
};
const get = (path, headers) => request('GET', path, headers);
const post = (path, data, headers = { 'Content-Type': 'application/json' }) =>
request('POST', path, headers, data);
const post = (
path,
data,
headers = { 'Content-Type': 'application/json' },
basicAuth = false,
parse = 'json'
) => request('POST', path, headers, data, basicAuth, parse);
const getCageKey = async () => {

@@ -155,2 +181,33 @@ const getCagesKeyCallback = async () => {

const decrypt = async (encryptedData) => {
let contentType;
let data;
if (Buffer.isBuffer(encryptedData)) {
contentType = 'application/octet-stream';
data = encryptedData;
} else {
contentType = 'application/json';
data = {
data: encryptedData,
};
}
const response = await post(
`${config.baseUrl}/decrypt`,
data,
{
'Content-Type': contentType,
},
true,
'none'
);
if (response.statusCode >= 200 && response.statusCode < 300) {
if (contentType === 'application/json') {
const { data } = JSON.parse(response.body);
return data;
}
return response.body;
}
throw errors.mapApiResponseToError(response);
};
return {

@@ -163,3 +220,4 @@ getCageKey,

getRelayOutboundConfig,
decrypt,
};
};
declare module "@evervault/sdk" {
export default class Evervault {
constructor(apiKey: string)
constructor(appId: string, apiKey: string)
encrypt: (data: any) => Promise<any>;
decrypt: (encryptedData: any) => Promise<any>;
run: <T>(functionName: string, data: object, options?: { async?: boolean, version?: string }) => Promise<{ result: T, runId: string, appUuid: string }>;

@@ -6,0 +7,0 @@ createRunToken: (functionName: string, data: object) => Promise<{ token: string }>;

@@ -26,7 +26,15 @@ const crypto = require('crypto');

constructor(apiKey, options = {}) {
if (!Datatypes.isString(apiKey)) {
throw new errors.InitializationError('API key must be a string');
constructor(appId, apiKey, options = {}) {
if (
appId === '' ||
!Datatypes.isString(appId) ||
!appId.startsWith('app_')
) {
throw new errors.InitializationError(
'The provided App ID is invalid. The App ID can be retrieved in the Evervault dashboard (App Settings).'
);
}
validationHelper.validateApiKey(appId, apiKey);
if (apiKey.startsWith('pk:')) {

@@ -50,6 +58,7 @@ this.defineHiddenProperty(

this.retry = options.retry;
this.http = Http(this.config.http);
this.http = Http(appId, apiKey, this.config.http);
this.crypto = Crypto(this.config.encryption[curve], this.http);
this.httpsHelper = httpsHelper;
this.apiKey = apiKey;
this.appId = appId;

@@ -281,2 +290,11 @@ this.defineHiddenProperty(

/**
*
* @param {any} encryptedData
* @returns {Promise<any>}
*/
async decrypt(encryptedData) {
return this.http.decrypt(encryptedData);
}
/**
* @param {String} functionName

@@ -283,0 +301,0 @@ * @param {Object} payload

@@ -46,2 +46,7 @@ class EvervaultError extends Error {

}
if (statusCode === 403) {
return new ApiKeyError(
'The API key provided does not have the required permissions.'
);
}
if (statusCode === 422) {

@@ -48,0 +53,0 @@ return new DecryptError(body.message || 'Unable to decrypt data.');

@@ -0,4 +1,27 @@

const crypto = require('crypto');
const errors = require('./errors');
const Datatypes = require('./datatypes');
const validateApiKey = (appUuid, apiKey) => {
if (apiKey === '' || !Datatypes.isString(apiKey)) {
throw new errors.InitializationError(
'The API key must be a string and cannot be empty.'
);
}
if (apiKey.startsWith('ev:key')) {
// Scoped API key
const appUuidHash = crypto
.createHash('sha512')
.update(appUuid)
.digest('base64')
.slice(0, 6);
const appUuidHashFromApiKey = apiKey.split(':')[4];
if (appUuidHash !== appUuidHashFromApiKey) {
throw new errors.InitializationError(
`The API key is not valid for app ${appUuid}. Make sure to use an API key belonging to the app ${appUuid}.`
);
}
}
};
const validatePayload = (payload) => {

@@ -43,2 +66,3 @@ if (

module.exports = {
validateApiKey,
validatePayload,

@@ -45,0 +69,0 @@ validateFunctionName,

{
"name": "@evervault/sdk",
"version": "3.14.1",
"version": "4.0.0",
"description": "Node.js SDK for Evervault",

@@ -5,0 +5,0 @@ "main": "lib/index.js",

@@ -34,4 +34,4 @@ [![Evervault](https://evervault.com/evervault.svg)](https://evervault.com/)

// Initialize the client with your team's api key
const evervaultClient = new Evervault('<API-KEY>');
// Initialize the client with your App ID and API Key
const evervaultClient = new Evervault('<API-KEY>', '<APP_ID>');

@@ -48,9 +48,11 @@ // Encrypt your sensitive data

// Decrypt the data
const decrypted = await evervaultClient.decrypt(encrypted);
// Enable the Cages beta client
await evervaultClient.enableCagesBeta({ 'my-cage': { pcr8: '...' } });
// This connection will be attested by the Cages beta client
const response = await axios.post(
'https://my-cage.my-app.cages.evervault.com',
encrypted
);
); // This connection will be attested by the Cages beta client
```

@@ -60,19 +62,33 @@

The Evervault Node.js SDK exposes four functions.
The Evervault Node.js SDK exposes six functions.
### evervault.encrypt()
`evervault.encrypt()`encrypts data for use in your [Functions](https://docs.evervault.com/tutorial). To encrypt data at the server, simply pass an object or string into the evervault.encrypt() function. Store the encrypted data in your database as normal.
`evervault.encrypt()` encrypts data. To encrypt data at the server, simply pass a string, boolean, number, array, object or buffer into the `evervault.encrypt()` function. Store the encrypted data in your database as normal.
```javascript
async evervault.encrypt(data: Object | String);
async evervault.encrypt(data: string | boolean | number | Array | Object | Buffer);
```
| Parameter | Type | Description |
| --------- | ---------------- | --------------------- |
| data | Object or String | Data to be encrypted. |
| Parameter | Type | Description |
| --------- | ------------------------------------------------ | --------------------- |
| data | String, Boolean, Number, Array, Object or String | Data to be encrypted. |
### evervault.decrypt()
`evervault.decrypt()` decrypts data previously encrypted with the `encrypt()` function or through Evervault's Relay (Evervault's encryption proxy).
An API Key with the `decrypt` permission must be used to perform this operation.
```javascript
async evervault.decrypt(encrypted: string | Array | Object | Buffer);
```
| Parameter | Type | Description |
| -------------- | --------------------------------| --------------------- |
| encrypted | String, Array, Object or Buffer | Data to be decrypted. |
### evervault.run()
`evervault.run()` invokes a Function with a given payload.
An API Key with the `run function` permission must be used to perform this operation.

@@ -101,2 +117,3 @@ ```javascript

`evervault.createRunToken()` creates a single use, time bound token for invoking a Function.
An API Key with the `create a run token` permission must be used to perform this operation.

@@ -103,0 +120,0 @@ ```javascript

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc