@ipbyrne/mongo-encrypted-query - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3

dist/index.d.ts

 import { PrivateKeyJwk, Data } from "./types";
 import * as Types from "./types";
-export declare const encryptQuery: (query: any, privateKeyJwk: PrivateKeyJwk, prefix?: string) => any;
-export declare const encryptData: (data: Data | any, privateKeyJwk: PrivateKeyJwk) => any;
-export declare const decryptData: (data: Data | any, privateKeyJwk: PrivateKeyJwk) => any;
+export declare const encryptQuery: (query: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean, prefix?: string) => any;
+export declare const encryptData: (data: Data | any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
+export declare const decryptData: (data: Data | any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
 declare const _default: {
-    encryptQuery: (query: any, privateKeyJwk: PrivateKeyJwk, prefix?: string | undefined) => any;
-    encryptData: (data: any, privateKeyJwk: PrivateKeyJwk) => any;
-    decryptData: (data: any, privateKeyJwk: PrivateKeyJwk) => any;
+    encryptQuery: (query: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean, prefix?: string | undefined) => any;
+    encryptData: (data: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
+    decryptData: (data: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
     generateEncryptionPrivateKey: () => Promise<{
@@ -11,0 +11,0 @@ privateKeyJwk: import("jose/types").JWK;

dist/index.js

@@ -7,4 +7,4 @@ "use strict";
 const Types = __importStar(require("./types"));
-const encryptQuery = (query, privateKeyJwk, prefix) => {
-    const encryptedQuery = (0, utils_1.createEntrypedQuery)(query, privateKeyJwk);
+const encryptQuery = (query, privateKeyJwk, encryptKeys = true, prefix) => {
+    const encryptedQuery = (0, utils_1.createEntrypedQuery)(query, privateKeyJwk, encryptKeys);
     if (prefix) {
@@ -20,9 +20,9 @@ const prefixedEncryptedQuery = {};
 exports.encryptQuery = encryptQuery;
-const encryptData = (data, privateKeyJwk) => {
+const encryptData = (data, privateKeyJwk, encryptKeys = true) => {
     const type = typeof data;
     if (Array.isArray(data)) {
-        return data.map((d) => (0, exports.encryptData)(d, privateKeyJwk));
+        return data.map((d) => (0, exports.encryptData)(d, privateKeyJwk, encryptKeys));
     }
     if (type === "object") {
-        const encryptedData = (0, utils_1.createEncryptedObject)(data, privateKeyJwk);
+        const encryptedData = (0, utils_1.createEncryptedObject)(data, privateKeyJwk, encryptKeys);
         return encryptedData;
@@ -33,6 +33,6 @@ }
 exports.encryptData = encryptData;
-const decryptData = (data, privateKeyJwk) => {
+const decryptData = (data, privateKeyJwk, encryptKeys = true) => {
     const type = typeof data;
     if (Array.isArray(data)) {
-        return data.map((d) => (0, exports.decryptData)(d, privateKeyJwk));
+        return data.map((d) => (0, exports.decryptData)(d, privateKeyJwk, encryptKeys));
     }
@@ -45,3 +45,3 @@ if (type === "object") {
         }
-        const decryptedData = (0, utils_1.createDecryptedObject)(data, privateKeyJwk);
+        const decryptedData = (0, utils_1.createDecryptedObject)(data, privateKeyJwk, encryptKeys);
         decryptedData._id = id;
@@ -48,0 +48,0 @@ return decryptedData;

dist/utils/index.d.ts

@@ -5,4 +5,4 @@ import "dotenv/config";
 export declare const encryptKey: (key: string, privateKeyJwk: PrivateKeyJwk) => string;
-export declare const createEncryptedObject: (data: any, privateKeyJwk: PrivateKeyJwk) => any;
-export declare const createDecryptedObject: (data: any, privateKeyJwk: PrivateKeyJwk) => any;
-export declare const createEntrypedQuery: (query: any, privateKeyJwk: PrivateKeyJwk) => any;
+export declare const createEncryptedObject: (data: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
+export declare const createDecryptedObject: (data: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;
+export declare const createEntrypedQuery: (query: any, privateKeyJwk: PrivateKeyJwk, encryptKeys?: boolean) => any;

dist/utils/index.js

@@ -6,3 +6,2 @@ "use strict";
 const cipher_1 = require("../cipher/cipher");
-const encryptKeys = process.env.ENCRYPT_KEYS === "true";
 const encryptKey = (key, privateKeyJwk) => {
@@ -35,3 +34,3 @@ // Supported MongoDB Equality Queries
 exports.encryptKey = encryptKey;
-const traverseAndEncrypt = (data, privateKeyJwk) => {
+const traverseAndEncrypt = (data, privateKeyJwk, encryptKeys = true) => {
     if (typeof data === "string" ||
@@ -43,3 +42,3 @@ typeof data === "boolean" ||
     if (Array.isArray(data)) {
-        return data.map((d) => traverseAndEncrypt(d, privateKeyJwk));
+        return data.map((d) => traverseAndEncrypt(d, privateKeyJwk, encryptKeys));
     }
@@ -51,6 +50,6 @@ if (typeof data === "object") {
                 const encryptedKey = (0, exports.encryptKey)(key, privateKeyJwk);
-                newObject[encryptedKey] = traverseAndEncrypt(data[key], privateKeyJwk);
+                newObject[encryptedKey] = traverseAndEncrypt(data[key], privateKeyJwk, encryptKeys);
             }
             else {
-                newObject[key] = traverseAndEncrypt(data[key], privateKeyJwk);
+                newObject[key] = traverseAndEncrypt(data[key], privateKeyJwk, encryptKeys);
             }
@@ -62,3 +61,3 @@ });
 };
-const createEncryptedObject = (data, privateKeyJwk) => {
+const createEncryptedObject = (data, privateKeyJwk, encryptKeys = true) => {
     const hashedObject = {};
@@ -77,3 +76,3 @@ Object.keys(data).forEach((key) => {
 exports.createEncryptedObject = createEncryptedObject;
-const traverseAndDecrypt = (data, privateKeyJwk) => {
+const traverseAndDecrypt = (data, privateKeyJwk, encryptKeys = true) => {
     if (typeof data === "string" ||
@@ -85,3 +84,3 @@ typeof data === "boolean" ||
     if (Array.isArray(data)) {
-        return data.map((d) => traverseAndDecrypt(d, privateKeyJwk));
+        return data.map((d) => traverseAndDecrypt(d, privateKeyJwk, encryptKeys));
     }
@@ -93,6 +92,6 @@ if (typeof data === "object") {
                 const decryptedKey = (0, cipher_1.decrypt)(key, privateKeyJwk);
-                newObject[decryptedKey] = traverseAndDecrypt(data[key], privateKeyJwk);
+                newObject[decryptedKey] = traverseAndDecrypt(data[key], privateKeyJwk, encryptKeys);
             }
             else {
-                newObject[key] = traverseAndDecrypt(data[key], privateKeyJwk);
+                newObject[key] = traverseAndDecrypt(data[key], privateKeyJwk, encryptKeys);
             }
@@ -104,3 +103,3 @@ });
 };
-const createDecryptedObject = (data, privateKeyJwk) => {
+const createDecryptedObject = (data, privateKeyJwk, encryptKeys = true) => {
     const decryptedObject = {};
@@ -119,4 +118,4 @@ Object.keys(data).forEach((key) => {
 exports.createDecryptedObject = createDecryptedObject;
-const createEntrypedQuery = (query, privateKeyJwk) => {
-    const encryptedQuery = (0, exports.createEncryptedObject)(query, privateKeyJwk);
+const createEntrypedQuery = (query, privateKeyJwk, encryptKeys = true) => {
+    const encryptedQuery = (0, exports.createEncryptedObject)(query, privateKeyJwk, encryptKeys);
     return encryptedQuery;
@@ -123,0 +122,0 @@ };

dist/utils/utils.test.js

@@ -6,3 +6,3 @@ "use strict";
 const cipher_1 = require("../cipher/cipher");
-const keys_1 = require("../__tests__/keys");
+const keys_1 = require("../testingUtils/keys");
 describe("hashing", () => {
@@ -23,3 +23,3 @@ it("can hash with same value and same seed to produce same output", () => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
 describe("hashing payload to make it seachable", () => {
-    xit("can hash with same value and different seed to produce different outputs without hashing keys", () => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
+    it("can hash with same value and different seed to produce different outputs without hashing keys", () => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
         const objectToHash = {
@@ -64,4 +64,4 @@ id: "urn:uuid:123",
         };
-        const hashedVersionOne = (0, _1.createEncryptedObject)(Object.assign({}, objectToHash), keys_1.privateKeyJwk);
-        const hashedVersionTwo = (0, _1.createEncryptedObject)(Object.assign({}, objectToHash), keys_1.privateKeyJwkTwo);
+        const hashedVersionOne = (0, _1.createEncryptedObject)(Object.assign({}, objectToHash), keys_1.privateKeyJwk, false);
+        const hashedVersionTwo = (0, _1.createEncryptedObject)(Object.assign({}, objectToHash), keys_1.privateKeyJwkTwo, false);
         const objectOneKeys = Object.keys(hashedVersionOne);
@@ -68,0 +68,0 @@ const objectTwoKeys = Object.keys(hashedVersionTwo);

package.json

@@ -6,3 +6,3 @@ {
   "license": "Apache-2.0",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "main": "dist/index.js",
@@ -9,0 +9,0 @@ "typings": "dist/index.d.ts",

README.md

@@ -18,3 +18,4 @@ # Mongo Encrypted Query
 - Data: This is the data you want to encrypt.
-- Private Key JWK: This is the key you want to use for encryption
+- Private Key JWK: This is the key you want to use for encryption.
+- Enrypt Keys: This is a boolean flag you can set to control if the keys of the object should also be encrypted. This is `true` by default.
 
@@ -31,2 +32,3 @@ This function is to be used whenever you are saving data into the database. You are expected to pass into this function the data to be saved and the private key you are going to use to encrypt the data to make the data queryable.
 - Private Key JWK: This is the key you used to encrypt the data you saved to MongoDB.
+- Enrypt Keys: This is a boolean flag you can set to control if the keys of the object should also be encrypted. This is `true` by default.
 - Prefix: This is the key the data is saved under. If you are saving the data to MongoDB as it comes out of `encryptData` you do not need to provide this parameter.
@@ -42,2 +44,3 @@
 - Private Key JWK: This is the key you used to encrypt the data you saved to MongoDB.
+- Enrypt Keys: This is a boolean flag you can set to control if the keys of the object should also be encrypted. This is `true` by default.
 
@@ -111,6 +114,4 @@ This function is used to decrypt the data returned from MongoDB. This function is expecting the data returned from MongoDB, the private key you will use to decrypt the data.
 ## Encrypting Keys
-In order to encrypt your keys in your database along with the values, you must set the `ENCRYPT_KEYS` `ENV` var to be `'true'`.
+All keys are encrypted by default unless you set `encryptKeys` to `false` when using any of the operations in the package.
 
 If you are not worried about the keys being readable in the database you can opt out of encrypting them. One benefit of doing this would be it will allow you to build indexes on fields to speed up queries.
-
-To opt-out of having your keys encrypted, make sure you set your `ENCRYPT_KEYS` `ENV` var to anything but `'true'` or you do no provide it at all.

src/index.ts

@@ -13,5 +13,6 @@ import {
   privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true,
   prefix?: string
 ) => {
-  const encryptedQuery = createEntrypedQuery(query, privateKeyJwk);
+  const encryptedQuery = createEntrypedQuery(query, privateKeyJwk, encryptKeys);
   if (prefix) {
@@ -29,11 +30,16 @@ const prefixedEncryptedQuery: any = {};
   data: Data | any,
-  privateKeyJwk: PrivateKeyJwk
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
 ): any => {
   const type = typeof data;
   if (Array.isArray(data)) {
-    return data.map((d: any) => encryptData(d, privateKeyJwk));
+    return data.map((d: any) => encryptData(d, privateKeyJwk, encryptKeys));
   }
 
   if (type === "object") {
-    const encryptedData = createEncryptedObject(data, privateKeyJwk);
+    const encryptedData = createEncryptedObject(
+      data,
+      privateKeyJwk,
+      encryptKeys
+    );
     return encryptedData;
@@ -46,7 +52,8 @@ }
   data: Data | any,
-  privateKeyJwk: PrivateKeyJwk
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
 ): any => {
   const type = typeof data;
   if (Array.isArray(data)) {
-    return data.map((d: any) => decryptData(d, privateKeyJwk));
+    return data.map((d: any) => decryptData(d, privateKeyJwk, encryptKeys));
   }
@@ -62,3 +69,4 @@
       data,
-      privateKeyJwk as PrivateKeyJwk
+      privateKeyJwk as PrivateKeyJwk,
+      encryptKeys
     );
@@ -65,0 +73,0 @@ decryptedData._id = id;

src/utils/index.ts

@@ -7,4 +7,2 @@ import "dotenv/config";
 
-const encryptKeys = (process.env.ENCRYPT_KEYS as string) === "true";
-
 export const encryptKey = (key: string, privateKeyJwk: PrivateKeyJwk) => {
@@ -36,3 +34,7 @@ // Supported MongoDB Equality Queries
 
-const traverseAndEncrypt = (data: any, privateKeyJwk: PrivateKeyJwk): any => {
+const traverseAndEncrypt = (
+  data: any,
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
+): any => {
   if (
@@ -46,3 +48,5 @@ typeof data === "string" ||
   if (Array.isArray(data)) {
-    return data.map((d: any) => traverseAndEncrypt(d, privateKeyJwk));
+    return data.map((d: any) =>
+      traverseAndEncrypt(d, privateKeyJwk, encryptKeys)
+    );
   }
@@ -54,5 +58,13 @@ if (typeof data === "object") {
         const encryptedKey = encryptKey(key, privateKeyJwk);
-        newObject[encryptedKey] = traverseAndEncrypt(data[key], privateKeyJwk);
+        newObject[encryptedKey] = traverseAndEncrypt(
+          data[key],
+          privateKeyJwk,
+          encryptKeys
+        );
       } else {
-        newObject[key] = traverseAndEncrypt(data[key], privateKeyJwk);
+        newObject[key] = traverseAndEncrypt(
+          data[key],
+          privateKeyJwk,
+          encryptKeys
+        );
       }
@@ -67,3 +79,4 @@ });
   data: any,
-  privateKeyJwk: PrivateKeyJwk
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
 ) => {
@@ -82,3 +95,7 @@ const hashedObject: any = {};
 
-const traverseAndDecrypt = (data: any, privateKeyJwk: PrivateKeyJwk): any => {
+const traverseAndDecrypt = (
+  data: any,
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
+): any => {
   if (
@@ -92,3 +109,5 @@ typeof data === "string" ||
   if (Array.isArray(data)) {
-    return data.map((d: any) => traverseAndDecrypt(d, privateKeyJwk));
+    return data.map((d: any) =>
+      traverseAndDecrypt(d, privateKeyJwk, encryptKeys)
+    );
   }
@@ -100,5 +119,13 @@ if (typeof data === "object") {
         const decryptedKey = decrypt(key, privateKeyJwk);
-        newObject[decryptedKey] = traverseAndDecrypt(data[key], privateKeyJwk);
+        newObject[decryptedKey] = traverseAndDecrypt(
+          data[key],
+          privateKeyJwk,
+          encryptKeys
+        );
       } else {
-        newObject[key] = traverseAndDecrypt(data[key], privateKeyJwk);
+        newObject[key] = traverseAndDecrypt(
+          data[key],
+          privateKeyJwk,
+          encryptKeys
+        );
       }
@@ -113,3 +140,4 @@ });
   data: any,
-  privateKeyJwk: PrivateKeyJwk
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
 ) => {
@@ -133,6 +161,11 @@ const decryptedObject: any = {};
   query: any,
-  privateKeyJwk: PrivateKeyJwk
+  privateKeyJwk: PrivateKeyJwk,
+  encryptKeys: boolean = true
 ) => {
-  const encryptedQuery = createEncryptedObject(query, privateKeyJwk);
+  const encryptedQuery = createEncryptedObject(
+    query,
+    privateKeyJwk,
+    encryptKeys
+  );
   return encryptedQuery;
 };

src/utils/utils.test.ts

 import { PrivateKeyJwk } from "../types";
 import { createEncryptedObject } from ".";
 import { encrypt } from "../cipher/cipher";
-import { privateKeyJwk, privateKeyJwkTwo } from "../__tests__/keys";
+import { privateKeyJwk, privateKeyJwkTwo } from "../testingUtils/keys";
 
@@ -22,3 +22,3 @@ describe("hashing", () => {
 describe("hashing payload to make it seachable", () => {
-  xit("can hash with same value and different seed to produce different outputs without hashing keys", async () => {
+  it("can hash with same value and different seed to produce different outputs without hashing keys", async () => {
     const objectToHash = {
@@ -65,7 +65,9 @@ id: "urn:uuid:123",
       { ...objectToHash },
-      privateKeyJwk as PrivateKeyJwk
+      privateKeyJwk as PrivateKeyJwk,
+      false
     );
     const hashedVersionTwo = createEncryptedObject(
       { ...objectToHash },
-      privateKeyJwkTwo as PrivateKeyJwk
+      privateKeyJwkTwo as PrivateKeyJwk,
+      false
     );
@@ -72,0 +74,0 @@ const objectOneKeys = Object.keys(hashedVersionOne);

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

132276

increased by1.87%

Lines of code

1705

increased by2.65%

Number of lines in readme file

114

increased by0.88%

Number of low supply chain risk alerts

1

decreased by-50%

No dependency changes