@ipbyrne/mongo-encrypted-query - npm Package Compare versions

Comparing version 0.0.8 to 0.0.9

package.json

@@ -6,3 +6,3 @@ {
   "license": "Apache-2.0",
-  "version": "0.0.8",
+  "version": "0.0.9",
   "main": "dist/index.js",
@@ -9,0 +9,0 @@ "typings": "dist/index.d.ts",

README.md

@@ -9,3 +9,3 @@ # Mongo Encrypted Query
 
-This is a simple SDK that can be used to encrypt all of your data in MongoDB in a way that makes it searchable with any MongoDB equality operator.
+This is a simple SDK that can be used to encrypt all of your data in MongoDB in a way that makes it searchable with any MongoDB equality operator by utilizing determinstic symmetric encryption. This acheived by using a `ECDH-ES+A256KW` private key along with the `AES-256-GCM` encryption algorithm.
 
@@ -29,4 +29,4 @@ ## How To Use
 
-### Generate Encryption Key (`generateEncryptionKeyPair`)
-This function is used to generate a key pair that can be used for encrypting and decrypting the data. These keys should never be saved in source or the database and should be stored in a key service where they are accessed whenever you are encrypting/decrypting data.
+### Generate Encryption Key (`generateEncryptionPrivateKey`)
+This function is used to generate a `X25519` private key that can be used for encrypting and decrypting the data. This key should never be saved in source or the database and should be stored in a key service where they are accessed whenever you are encrypting/decrypting data.
 
@@ -33,0 +33,0 @@ ## Working In The Repo

src/cipher/cipher.ts

@@ -8,14 +8,9 @@ import { generateKeyPair } from "jose/util/generate_key_pair";
 
-const crvToAlg: { [x: string]: string } = {
-  X25519: "ECDH-ES+A256KW",
-};
-
-export const generate = async (crv = "X25519") => {
-  const alg = crvToAlg[crv];
-  const { publicKey, privateKey } = await generateKeyPair(alg, {
-    crv,
+export const generate = async () => {
+  const alg = "ECDH-ES+A256KW";
+  const { privateKey } = await generateKeyPair(alg, {
+    crv: "X25519",
   });
-  const publicKeyJwk = await exportJWK(publicKey);
   const privateKeyJwk = await exportJWK(privateKey);
-  return { publicKeyJwk, privateKeyJwk };
+  return { privateKeyJwk };
 };
@@ -26,3 +21,3 @@
   const encodedPrivateKey = encoder.encode(privateKeyJwk.d).slice(0, 32);
-  const initVector = encoder.encode(privateKeyJwk.d).slice(0, 16);
+  const initVector = encoder.encode(privateKeyJwk.x).slice(0, 16);
   const cipher = crypto.createCipheriv(enc, encodedPrivateKey, initVector);
@@ -40,3 +35,3 @@ const dataType = typeof data;
   const encodedPrivateKey = encoder.encode(privateKeyJwk.d).slice(0, 32);
-  const initVector = encoder.encode(privateKeyJwk.d).slice(0, 16);
+  const initVector = encoder.encode(privateKeyJwk.x).slice(0, 16);
   const decipher = crypto.createDecipheriv(enc, encodedPrivateKey, initVector);
@@ -43,0 +38,0 @@ const decryptedData = decipher.update(ciphertext, "hex", "utf-8");

src/index.ts

@@ -60,4 +60,4 @@ import {
   decryptData,
-  generateEncryptionKeyPair: generate,
+  generateEncryptionPrivateKey: generate,
   Types,
 };

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

30832

increased by0.05%

Worsened metrics

Lines of code

392

decreased by-1.01%

No dependency changes