encrypted-config
Advanced tools
Safely store secrets in configuration objects.
npm install encrypted-config
var EncryptedConfig = require('encrypted-config')
// We'll use a not-so-secure encryption algorithm of reversing the string
var configWithSecrets = {
// by default, keys of secret values are prefixed with an underscore
// the prefix will be removed when the configuration is decrypted
_band: 'traeH eht dna daeH ehT',
$album: 'Let\'s Be Still',
things: {
sounds: {
songs: {
// deep nesting works
_shake: 'yrd nar nep ym ni kni eht lleW',
'homecoming heroes': 'So now I know'
}
}
}
}
function decrypt(encryptedValue, callback) {
// this should be a more secure system
var plaintext = encryptedValue.split('').reverse().join('')
// callback is (err, value), can be async
setImmediate(callback.bind(null, null, plaintext))
}
var encryptedConfig = EncryptedConfig.create(configWithSecrets, decrypt)
// read values via promises
encryptedConfig.read().then(function (config) {
// config is now our converted object with plaintext values and prefixes removed from
// encrypted keys
console.log(config.band)
// 'The Head and the Heart'
console.log(config.things.sounds.songs.shake)
// 'Well the ink in my pen ran dry'
})
// read nested values
encryptedConfig.readPath('band').then(function (band) {
console.log(band)
// 'The Head and the Heart'
})
// no errors if values are not set
encryptedConfig.readPath('path.to.fake.data').then(function (data) {
console.log(data)
// undefined
})
A more reasonable usage would be to store data encrypted with something like AWS's Key Management Service.
function decrypt(encryptedValue, callback) {
var kms = new AWS.KMS()
kms.decrypt({
CiphertextBlob: new Buffer(encryptedValue, 'base64')
}, function (err, result) {
if (err) return callback(err)
callback(null, result.Plaintext.toString())
})
}
var encryptedConfig = EncryptedConfig.create(congigWithSecrets, decrypt)
encryptedConfig.read().then(function (config) {
// all secrets in config have been decrypted via KMS
})
If you don't like underscores as your key prefix, pass {prefix: 'whatever'} as the third argument to EncryptedConfig.create().
FAQs
Safely store secrets in configuration objects.
The npm package encrypted-config receives a total of 1 weekly downloads. As such, encrypted-config popularity was classified as not popular.
We found that encrypted-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
require(esm) backported to Node.js 20, easing the transition to ESM-only packages and reducing complexity for developers as Node 18 nears end-of-life.
Security News
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.
Security News
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.