ancient-tome
A simple tool for storing secrets.
Last updated 5 years ago by kumavis .
ISC · Original npm · Tarball · package.json
$ cnpm install ancient-tome 
SYNC missed versions from official npm registry.

Ancient Tome

A simple tool for storing secrets.

warning

This is under development and has not been audited yet. Currently uses the WebCrypto API, so it only works in modern browsers.

Crypto flow:

These are the cryptograph flows used by AncientTome:

init: salt + password --(bcrypt)--> hash --(AES-GCM)--> AES key
init: salt + password --(bcrypt)--> hash --(HMAC+SHA256)--> HMAC key
obfuscate keys: plainText --(HMAC+SHA256)--> cypherText
encrypt values: plainText --(AES-GCM)--> cypherText

The salt is randomly generated on first use and stored in plaintext. The password is provided by the user and stored in their head.

Usage:

localStorage

If you want to use localStorage a wrapper is provided for you. While localStorage is synchronous, encryption is asynchronous, so read methods require a callback. Write methods have an optional callback called on completion.

var AncientLocal = require('ancient-tome/local')

var secureLocalStorage = AncientLocal()

secureLocalStorage.open(password, function(error) {

  secureLocalStorage.setItem('journal', 'dear diary...', function(err){ ... })
  secureLocalStorage.getItem('bank info', function(err, plaintext){ ... })

})
Custom Storage

You can use whatever key-value storage mechanism you want. Reading non-existant keys should return a falsy value, not error. The first argument of callbacks should be the error or a falsy value. Here is a custom storage example:

var AncientTome = require('ancient-tome')

var myTome = AncientTome()

myTome._get = function(key, cb){ ... }
myTome._set = function(key, value, cb){ ... }
myTome._remove = function(key, cb){ ... }

Extras:

With obfuscated keys, its hard to keep track of what's been stored. Use the TomeIndexer to augment a tome with a simple index. Be sure to do this after if you are overriding get/set methods.

var AncientTome = require('ancient-tome')
var TomeIndexer = require('ancient-tome/indexer')

var myTome = AncientTome()
TomeIndexer(myTome)

myTome.open(password, function(){
  myTome.index() //=> ['journal', 'bank info']
})

Current Tags

  • 1.1.3                                ...           latest (5 years ago)

5 Versions

  • 1.1.3                                ...           5 years ago
  • 1.1.2                                ...           5 years ago
  • 1.1.1                                ...           5 years ago
  • 1.0.1                                ...           5 years ago
  • 1.0.0                                ...           5 years ago
Maintainers (1)
Downloads
Today 0
This Week 0
This Month 0
Last Day 0
Last Week 0
Last Month 1
Dependencies (6)
Dev Dependencies (1)
Dependents (2)

Copyright 2014 - 2016 © taobao.org |