		{
		"name": "@tabcat/encrypted-docstore",
		"version": "1.0.2",
		"description": "mount encrypted docstores with a key",
		"repository": {
		"version": "1.0.3",
		"description": "mount encrypted docstores with a key",
		"repository": {
		"type": "git",
		"url": "https://github.com/tabcat/encrypted-docstore.git"
		},
		"main": "src/encryptedDocstore.js",
		"main": "src/index.js",
		"browser": {
		"./src/node-webcrypto-ossl.js": "./src/webcrypto.js"
		},
		"keywords": [
		@@ -16,3 +19,8 @@ "orbit-db",
		"author": "anderbs@tuta.io",
		"license": "MIT"
		"license": "MIT",
		"dependencies": {
		"bs58": "^4.0.1",
		"node-webcrypto-ossl": "^1.0.48",
		"safe-buffer": "^5.2.0"
		}
		}

README.md

		# encrypted-docstore
		create and mount encrypted orbit docstores in the browser (requires webcrypto)
		create and mount encrypted [orbit-db](https://github.com/orbitdb/orbit-db/) docstores

		DISCLAIMER: cryptography in this repo has been implemented by an amateur and has not been auditted. <br/>Please :fire:roast:fire: me in Issues if u find a vulnerability.

		TODO: use https://github.com/libp2p/js-libp2p-crypto to support node and browser env?
		NOTE: should work in node but haven't tested at all

		@@ -48,51 +48,51 @@ ## Usage

		docstore: orbit docstore made with name from EncDoc.determineEncDbName or address from EncDoc.determineEncDbAddress<br/>
		key: instance of key from src/key.js, made with EncDoc.
		docstore: orbit docstore made with name from EncDoc.determineEncDbName or address from EncDoc.determineEncDbAddress<br/>
		key: instance of key from src/key.js, made with EncDoc.

		>returns a promise that resolves to an instance of EncDoc
		returns a promise that resolves to an instance of EncDoc
		#### EncDoc.determineEncDbName(orbit, dbConfig, key)
		>determine the EncDoc name for a docstore config and key

		orbit: an instance of OrbitDB<br/>
		dbConfig: an object containing name, type and options for an orbit store settings<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>
		orbit: an instance of OrbitDB<br/>
		dbConfig: an object containing name, type and options for an orbit store settings<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>

		>returns a promise that resolves to a string made of:<br/>
		>`<encrypted original config address root>/<original config address root>` both fields are base58 encoded
		returns a promise that resolves to a string made of:<br/>
		`<encrypted original config address root>/<original config address root>` both fields are base58 encoded
		#### EncDoc.determineEncDbAddress(orbit, dbConfig, key)
		>determine the EncDoc address for a docstore config and key

		orbit: an instance of OrbitDB<br/>
		dbConfig: an object containing name, type and options for an orbit store settings<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>
		orbit: an instance of OrbitDB<br/>
		dbConfig: an object containing name, type and options for an orbit store settings<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>

		>returns a promise that resolves to an instance of orbit address
		returns a promise that resolves to an instance of orbit address
		#### EncDoc.keyCheck(address, key)
		>check if a key is used for this db address

		address: instance of orbit address<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>
		address: instance of orbit address<br/>
		key: instance of Key from src/key.js, made with EncDoc.deriveKey or EncDoc.importKey<br/>

		>returns promise that resolves to a boolean
		returns promise that resolves to a boolean
		#### EncDoc.deriveKey(bytes, salt, [length, [purpose]])
		>derive instance of Key from bytes and salt

		bytes: bytes array made from randomness or a strong password<br/>
		salt: bytes array to be used as salt for deriving the key, recommend using 128bit random value<br/>
		length: number representing cipherblock size, defaults to 128<br/>
		purpose: string that is used in generating the key somehow<br/>
		bytes: bytes array made from randomness or a strong password<br/>
		salt: bytes array to be used as salt for deriving the key, recommend using 128bit random value<br/>
		length: number representing cipherblock size, defaults to 128<br/>
		purpose: string that is used in generating the key somehow<br/>

		>returns an instance of Key
		returns an instance of Key
		#### EncDoc.importKey(rawKey)
		>import a key from raw bytes from EncDoc.exportKey

		rawKey: bytes array from EncDoc.exportKey
		rawKey: bytes array from EncDoc.exportKey

		>returns an instance of Key
		returns an instance of Key
		#### EncDoc.exportKey(key)
		>export a key

		key: instance of Key
		key: instance of Key

		>returns a bytes array that can be used as rawKey in EncDoc.importKey
		returns a bytes array that can be used as rawKey in EncDoc.importKey

		@@ -105,5 +105,4 @@ ### Instance Propterties:


		### Instance Methods:
		> get, put, del, query all work by encapsulating the field it is indexed by (default is \_id) and should behave the same
		- get, put, del, query all work by encapsulating the field it is indexed by (default is \_id) and should behave the same
		#### encDoc.get(key)
		@@ -134,3 +133,1 @@ see: https://github.com/orbitdb/orbit-db/blob/master/API.md#getkey-1
		+ no visible differences

src/key.js


		'use strict'
		const webcrypto = require('./node-webcrypto-ossl')

		@@ -17,3 +18,3 @@ function ab2str(buf) {
		const randomBytes = async (bytesLength) =>
		await crypto.getRandomValues(new Uint8Array(bytesLength))
		await webcrypto.get().getRandomValues(new Uint8Array(bytesLength))

		@@ -43,3 +44,3 @@ const encDocFields = ['_id', 'ciphertext', 'iv']

		static async deriveKey(bytes, salt, length = 128, purpose = 'encryptedDocstore') {
		static async deriveKey(bytes, salt, length = 128, purpose = 'encrypted-docstore') {
		if (bytes === undefined \|\| salt === undefined) {
		@@ -49,3 +50,3 @@ throw new Error('bytes and salt must be defined')
		if (typeof purpose !== 'string') throw new Error('purpose must have type string')
		const hkdf = await crypto.subtle.importKey(
		const hkdf = await webcrypto.get().subtle.importKey(
		'raw',
		@@ -57,3 +58,3 @@ bytes,
		)
		const cryptoKey = await crypto.subtle.deriveKey(
		const cryptoKey = await webcrypto.get().subtle.deriveKey(
		{
		@@ -77,3 +78,3 @@ name: 'HKDF',
		}
		return await crypto.subtle.exportKey('raw', key)
		return await webcrypto.get().subtle.exportKey('raw', key)
		}
		@@ -85,3 +86,3 @@
		}
		const cryptoKey = await crypto.subtle.importKey(
		const cryptoKey = await webcrypto.get().subtle.importKey(
		'raw',
		@@ -104,3 +105,3 @@ rawKey,
		const cipherbytes = new Uint8Array(
		await crypto.subtle.encrypt(algo, this.cryptoKey, bytes)
		await webcrypto.get().subtle.encrypt(algo, this.cryptoKey, bytes)
		)
		@@ -114,3 +115,3 @@ return { cipherbytes, iv }
		const algo = { ...this.cryptoKey.algorithm, iv }
		return await crypto.subtle.decrypt(algo, this.cryptoKey, bytes)
		return await webcrypto.get().subtle.decrypt(algo, this.cryptoKey, bytes)
		}
		@@ -152,2 +153,1 @@
		module.exports = Key

@tabcat/encrypted-docstore - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes