kms-json

Package Overview

Dependencies

Maintainers

Versions

Alerts

File Explorer

Advanced tools

License

Install Socket

Detect and block malicious and high-risk dependencies

Install

kms-json

Encrypting and decrypting JSON objects using AWS Key Management Service (KMS) customer master keys

latest

Source

npm

Version: 1.1.1

Version published: 8 years ago

Maintainers: 1

Created: 9 years ago

Source

kms-json

Node.JS module for encrypting and decrypting JSON objects using AWS Key Management Service (KMS) customer master keys.

A CLI wrapper is also available.

Usage

Install the package: npm install kms-json
Require and instantiate kms-json:
```
const KmsJson = require('kms-json');
const kmsJson = new KmsJson({
  awsKmsSettings: {
    accessKeyId: 'AKIAIOSFODNN7EXAMPLE',
    secretAccessKey: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
    region: 'us-east-1'
  },
  keyId: 'arn:aws:kms:us-east-1:123456:key/a7c08fe1-b767-4883-8c94-85726'
});
```

Supported options:

Name	Type	Description
awsKmsSettings	Object	Settings object passed into the `AWS.KMS` constructor as defined in AWS Javascript SDK. Can be used to specify credentials, region, API version, etc. Default: `{}`
keyId	string	Cutomer master key's Amazon Resource Name (ARN) or unique key id (See AWS Javascript SDK, `KeyId`). Required
encoding	string	Character encoding to represent the encrypted string. Default: `'base64'` See Node.JS Buffer API

Encrypt a JSON object:

const encrypted = yield kmsJson.encrypt({
  fullName: 'John Connor',
  userId: 123,
  isActive: true
});
console.log(encrypted);
// outputs a string like "AQECAHgNzJL58IXknWSXEuLX+0y9U4qC...rilpa8RMxzFV1"
// depending on the key, payload size, and encoding

Decrypt an encrypted JSON object:

const decrypted = yield kmsJson.decrypt(encrypted);
console.log(decrypted);
// outputs { fullName: 'John Connor', userId: 123, isActive: true }

CLI

node cli -h

[json-object] | node cli  -r [region] -k [access-key-id] -s [secret-access-key]
-m ["decrypt" OR "encrypt"] -y [kms-key-id] -c [encoding]

Options:
  -m, --mode               Mode       [required] [choices: "encrypt", "decrypt"]
  -r, --region             AWS Region                                 [required]
  -k, --access-key-id      AWS Access Key Id                          [required]
  -s, --secret-access-key  AWS Secret Access Key                      [required]
  -y, --kms-key-id         AWS KMS key id                             [required]
  -c, --encoding           Encoding of ciphertext                     [required]
  -h, --help               Show help                                   [boolean]

More examples at http://github.com/AlexanderMS/kms-json

Encrypt:

$ echo '{"fullName": "John Connor", "userId": 123, "isActive": true }' | node cli -r "us-east-1" -y "arn:aws:kms:us-east-1:123456:key/a7c08fe1-b767-4883-8c94-85726" -k "AKIAIOSFODNN7EXAMPLE" -s "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" -m encrypt -c "base64"
Provided JSON:
{
  "fullName": "John Connor",
  "userId": 123,
  "isActive": true
}
Specified encoding: base64
Encrypting...
AQECAHgNzJL58IXknWSXEuLX+0y9U4qCdOkGemXt5OM+6ba0aAAAAKkwgaYGCSqGSIb3DQEHBqCBmDCBlQIBADCBjwYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzkDMa60HA8ePR8vIECARCAYssYOWcDTa6SfQRce2brSAZuDZS2TdJGksWyXvSiILLOgRKlyigZKbImXlboeYzIUDeSwivIBprmC1glq+3UrTRoPl+fZRJA4wjnBhBeVyCjEBQhmsFl1warilpa8RMxzFV1

Decrypt:

$ echo 'AQECAHgNzJL58IXknWSXEuLX+0y9U4qCdOkGemXt5OM+6ba0aAAAAKkwgaYGCSqGSIb3DQEHBqCBmDCBlQIBADCBjwYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzkDMa60HA8ePR8vIECARCAYssYOWcDTa6SfQRce2brSAZuDZS2TdJGksWyXvSiILLOgRKlyigZKbImXlboeYzIUDeSwivIBprmC1glq+3UrTRoPl+fZRJA4wjnBhBeVyCjEBQhmsFl1warilpa8RMxzFV1' | node cli -r "us-east-1" -y "arn:aws:kms:us-east-1:123456:key/a7c08fe1-b767-4883-8c94-85726" -k "AKIAIOSFODNN7EXAMPLE" -s "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" -m decrypt -c "base64"
Provided ciphertext:
AQECAHgNzJL58IXknWSXEuLX+0y9U4qCdOkGemXt5OM+6ba0aAAAAKkwgaYGCSqGSIb3DQEHBqCBmDCBlQIBADCBjwYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzkDMa60HA8ePR8vIECARCAYssYOWcDTa6SfQRce2brSAZuDZS2TdJGksWyXvSiILLOgRKlyigZKbImXlboeYzIUDeSwivIBprmC1glq+3UrTRoPl+fZRJA4wjnBhBeVyCjEBQhmsFl1warilpa8RMxzFV1
Specified encoding:  base64
Decrypting...
{"fullName": "John Connor", "userId": 123, "isActive": true }

For Windows command line (cmd.exe), do not wrap the piped input with quotes, i.e., replace '{"fullName": "John Connor"... }' with {"fullName": "John Connor"... }

Keywords

aws

kms

aws kms

key management service

json

encrypt

FAQs

What is kms-json?

Is kms-json well maintained?

Package last updated on 10 Apr 2017

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

kms-json

kms-json

Usage

CLI

Keywords

Related posts

DuckDB npm Account Compromised in Continuing Supply Chain Attack

MCP Steering Committee Launches Official MCP Registry in Preview