GitHub - emilbayes/secure-read-key: Read a key safely into a secure, read-only Buffer
Skip to content

emilbayes/secure-read-key

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

secure-read-key

Build Status

Read a key safely into a secure, read-only Buffer

A piece in the puzzle towards secure-key-management

Usage

var readKey = require('secure-read-key')

var destroy = readKey(32, 'keypair.secret', function (err, key) {
  if (err) throw err

  // key is read-only, any writes to `key` will kill our program

  // Once we're done with the key, let's destroy it
  destroy()

  // Any further access to `key` will kill our program
})

⚠️ Warnings:

  • The key is read-only. Any writes to it will crash your program with no mercy
  • Once the key is destroyed, any access to it (whether read or write) will crash your program with no mercy

API

var destroy = readKey(bytes, path, cb(err, secureKeyBuf))

bytes must be a safe integer at least 0, path must be a valid 1st argument to fs.open and cb must be given.

Causes of error can be:

  • The file cannot be opened in read mode (maybe the file doesn't exist or is a dir)
  • The file cannot be read
  • The number of bytes read did not match the expected number of bytes

Note that the secureKeyBuf looks like a normal Buffer, but has some extra properties. You can read more about Secure Buffers on secure-key-management Be wary about using any of the default Buffer operations on this Secure Buffer.

To explicitly release the key and it's content, call the returned destroy method, which will safely wipe the key from memory and mark it for no access, to prevent any accidental misuse.

Install

npm install secure-read-key

License

ISC

About

Read a key safely into a secure, read-only Buffer

Resources

License

Stars

Watchers

Forks

Packages

No packages published