Web Crypto Store
This is a tiny promise-based crypto keyval store using IndexDB and the native Web Crypto API, having just two small dependencies: IDB for a better devxp using IndexDB and Web Crypto Tools for a better devxp using the Web Crypto API.
This crypto store not only encrypt/decrypt the data but also checks for integrity, verifying if the stored data were manually updated. It uses the default crypto algorithms on Web Crypto Tools, which are PBKDF2
for hashing and key derivation and AES-GCM
for encryption, with the option to customize the used salt and encrypt iterations. The base crypto key is safely used in memory and never stored locally, if at the next session the base crypto key is lost, the data cannot be decrypted back to the original value.
This project depends on the browser implementation of Crypto API and TextEncoder API, which are both current implemented on all green browsers. If you do need to support any older browser, you should look for available polyfills.
Usage
Install the project
npm install @webcrypto/store --save
Store your crypto data
// create a new instance of the crypto store
const cryptoStore = new CryptoStorage('my raw key');
// secure store your data locally fully encrypted
const originalValue = 'any data value';
await cryptoStore.save('my key', originalValue);
// retrieve your original data decrypted again
const decryptedValue = await cryptoStore.load('my key');
expect(decryptedValue).toEqual(originalValue);
Documentation
You should check our GitHub Pages for all available API and options.
There is a full feature example of use at the code base. The test cases are also quite readable and can be used as example for all the possible API uses.
This project is heavily inspired on Tim Taubert's talk at JSConf EU: Keeping secrets with JavaScript, if you want to better understand what happens under the hood, then watch it out.