Skip to content

Latest commit

 

History

History
63 lines (41 loc) · 1.87 KB

README.md

File metadata and controls

63 lines (41 loc) · 1.87 KB

secure-read-key

Build Status

Read a key safely into a secure, read-only Buffer

A piece in the puzzle towards secure-key-management

Usage

var readKey = require('secure-read-key')

var destroy = readKey(32, 'keypair.secret', function (err, key) {
  if (err) throw err

  // key is read-only, any writes to `key` will kill our program

  // Once we're done with the key, let's destroy it
  destroy()

  // Any further access to `key` will kill our program
})

⚠️ Warnings:

  • The key is read-only. Any writes to it will crash your program with no mercy
  • Once the key is destroyed, any access to it (whether read or write) will crash your program with no mercy

API

var destroy = readKey(bytes, path, cb(err, secureKeyBuf))

bytes must be a safe integer at least 0, path must be a valid 1st argument to fs.open and cb must be given.

Causes of error can be:

  • The file cannot be opened in read mode (maybe the file doesn't exist or is a dir)
  • The file cannot be read
  • The number of bytes read did not match the expected number of bytes

Note that the secureKeyBuf looks like a normal Buffer, but has some extra properties. You can read more about Secure Buffers on secure-key-management Be wary about using any of the default Buffer operations on this Secure Buffer.

To explicitly release the key and it's content, call the returned destroy method, which will safely wipe the key from memory and mark it for no access, to prevent any accidental misuse.

Install

npm install secure-read-key

License

ISC