ice-client
Advanced tools
Encrypt your secrets and sensitive data at rest.
Create a Node.JS project with the ICE client
$ git init ice-client-demo && cd ice-client-demo
$ npm init -y
$ npm install ice-client dotenv --save
require('dotenv').config();
var ice = require('ice-client');
ice.encrypt("neuromancer", function(err, ciphertext) {
console.log("ciphertext:", ciphertext.toString('base64'));
ice.decrypt(ciphertext, function(err, plaintext) {
console.log("plaintext:", plaintext.toString());
});
})
Get an ICE access key. The fastest way is through the Heroku ICE Addon.
$ heroku create ice-client-demo
Creating β¬’ ice-client-demo... done
$ heroku addons:add ice
Creating ice on β¬’ ice-client-demo... free
Created ice-corrugated-21355 as ICE_AWS_ACCESS_KEY_ID, ICE_AWS_SECRET_ACCESS_KEY, ICE_ENCRYPTION_CONTEXT, ICE_KEY_ARN
$ heroku config -s
ICE_AWS_ACCESS_KEY_ID=AKIAJ2CNXCVNUZ5UDZAQ
ICE_AWS_SECRET_ACCESS_KEY='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'
ICE_ENCRYPTION_CONTEXT='ctx=night-construct-1443'
ICE_KEY_ARN='arn:aws:kms:us-east-1:178540880712:key/b6b5f625-6603-471a-a6dd-962fa51d4c0a'
$ heroku config -s > .env
Use the ICE client and backing cryptography service to encrypt and decrypt data.
$ node index.js
ciphertext: AQECAHhUH3SgfMwR3l/3GhIC4MjA43IDifWWdSXIVR0nbqnHkwAAAGkwZwYJKoZIhvcNAQcGoFowWAIBADBTBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDJPX7Xptjiilx9m2AQIBEIAmUMLbAMoVZdoCTNLZMDDiwdt5A5rNx/TrQCvdj6/wTlBP39xBZH0=
plaintext: neuromancer
Apache 2.0
FAQs
Encrypt sensitive data at rest
We found that ice-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.Β It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.
Research
Security News
Socket researchers uncovered a malicious PyPI package exploiting Deezerβs API to enable coordinated music piracy through API abuse and C2 server control.
Research
The Socket Research Team discovered a malicious npm package, '@ton-wallet/create', stealing cryptocurrency wallet keys from developers and users in the TON ecosystem.