npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@tabcat/encrypted-docstore

v3.0.3

Published

mount encrypted docstores with a key

Downloads

7

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

tabcat00tabcat00

Keywords

orbit-dbencrypteddocstore

Readme

encrypted-docstore

create and mount encrypted orbit-db docstores

DISCLAIMER: cryptography in this repo has been implemented by an amateur and has not been auditted. Please :fire:roast:fire: me in Issues if u find a vulnerability.

NOTE: version 3.0.0 changes how EncryptedDocstore determines the orbitdb address, this is a breaking change. Some changes have been made to the api as well, mostly naming.

TODO: extend the docstore instead of wrap it. make every entry iv deterministic? based off anything unique besides orbit id and clock with the goal of having duplicate entries from different nodes collapse.

Usage

install with npm:

npm install @tabcat/encrypted-docstore

create orbitdb instance: https://github.com/orbitdb/orbit-db/blob/master/README.md#usage

create encrypted docstore:

const EncryptedDocstore = require('@tabcat/encrypted-docstore')

// create the encryption key
const aesKey = EncryptedDocstore.generateKey()

// create the docstore with orbitdb:
const dbConfig = { name:'asdf', options: {} } // type will always be 'docstore'
const encAddr = await EncryptedDocstore.determineAddress(orbitdb, dbConfig, aesKey)
const docstore = await orbitdb.docs(encAddr, dbConfig.options)

const encDocstore = await EncryptedDocstore.mount(docstore, aesKey)
// get,put, del, query all exposed on encDocstore and returned results should be identical to docstore methods

API

EncDoc = EncryptedDocstore

Static Methods:

EncDoc.mount(docstore, aesKey)

mount an encrypted docstore

docstore: orbit docstore made with name from EncDoc.determineEncDbName or address from EncDoc.determineEncDbAddress aesKey: instance of AesKey from generateKey, deriveKey, or importKey static methods.

returns a promise that resolves to an instance of EncDoc

EncDoc.determineAddress(orbitdb, dbConfig, aesKey)

determine the docstore address for the encryptedDocstore, this is adding a way to check the aesKey against the db name

orbitdb: an instance of OrbitDB dbConfig: an object containing name and options for an orbit store settings aesKey: instance of AesKey from generateKey, deriveKey, or importKey static methods.

returns a promise that resolves to an instance of orbit address

EncDoc.keyCheck(encAddr, aesKey)

check if an orbitdb address and aesKey are a match

encAddr: instance of orbit address from EncDoc.determineAddress aesKey: instance of AesKey from generateKey, deriveKey, or importKey static methods.

returns a promise that resolves to a boolean

EncDoc.generateKey([length])

generates a new aesKey

length: number, aesKey length, defaults to 128. can be 128, 192, or 256

returns an instance of AesKey

EncDoc.deriveKey(bytes, salt[, length])

derive an instance of AesKey from bytes and salt, uses PBKDF2 with 10k iterations

bytes: Uint8Array made from randomness or a strong password salt: Uint8Array to be used as salt for deriving the key, optimally a 128bit random value length: number, aesKey length, defaults to 128. can be 128, 192, or 256

returns an instance of AesKey

EncDoc.importKey(rawKey)

import an exported aesKey

rawKey: Uint8Array from EncDoc.exportKey

returns an instance of AesKey

EncDoc.exportKey(aesKey)

export an aesKey

aesKey: instance of AesKey

returns a Uint8Array rawKey

Instance Methods:

  • get, put, del, query all work by encapsulating the whole doc and pass docstore tests for the orbitdb repo: https://github.com/orbitdb/orbit-db/blob/master/test/docstore.test.js

encDoc.get(key)

see: https://github.com/orbitdb/orbit-db/blob/master/API.md#getkey-1

differences:

  • is an async function

encDoc.put(doc)

see: https://github.com/orbitdb/orbit-db/blob/master/API.md#putdoc

no visible differences

encDoc.del(key)

see: https://github.com/orbitdb/orbit-db/blob/master/API.md#delkey-1

no visible differences

encDoc.query(mapper)

see: https://github.com/orbitdb/orbit-db/blob/master/API.md#querymapper

differences:

  • is an async function
  • when calling with option fullOp:
    • the payload.value is the decrypted/decapsulated doc.
    • anything in the fullOp entry relating to hashing the real payload.value will not match the payload.value
  • when not calling with option fullOp:
    • no visible differences