├── LICENSE
├── README.md
├── index.js
└── package.json

/LICENSE:
--------------------------------------------------------------------------------
Copyright (c) 2017, Emil Bay

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# `secure-key-management`

> A collection of modules for securely working with cryptographic keys and secrets

## Goals

It is important that you understand the goals and shortcomings of this module,
so you can effectively incorporate it into your security model.

* This is not a replacement for a Hardware Security Module (HSM), which provides
  a physical trust boundary around your keys.
* This module is intended to provide secure defaults for storing keys on disk,
  retrieval into memory and management while kept in memory. It does so by:
  * Setting highly restricted access permissions for files on disk (`0400`).
  * It uses [Secure Buffers]() extensively.
    Keys are read directly from disk
    into secure memory, appropriate memory protection is applied to avoid
    accidental or malicious access, keys are never swapped to disk nor will they
    appear in core dumps.
  * Misuse is considered a fatal error and will crash the program. Fatal errors
    include:
    - Reading an unexpected number of key bytes
    - Changing bytes of a key
    - Accessing a key after it has been destroyed

## Usage

WIP - A unified API will eventually surface, composed of the following modules:

* [`secure-create-key`](https://github.com/emilbayes/secure-create-key)
* [`secure-destroy-key`](https://github.com/emilbayes/secure-destroy-key)
* [`secure-read-key`](https://github.com/emilbayes/secure-read-key)

## Secure Buffers

The modules in this suite use the Secure Buffers from
[`sodium-native`](https://github.com/sodium-friends/sodium-native) extensively.
Secure Buffers are a wrapper around `libsodium` secure memory, but with the same
interface as normal Node.js `Buffer`s.

Secure Buffers take more space than normal buffers, but with the benefit that
overflows and underflows are detected and that data is destroyed when the memory
is released (e.g. garbage collected in Node.js). Secure memory is also
marked as not being swappable, meaning the OS will not write it to disk when
swapping pages in and out of main memory, which could lead to accidental
exposure. Secure memory is also masked in case of a core dump. Secure memory can
also have memory protection applied, so you can control `noaccess`, `readonly`
and `readwrite` state of the memory, crashing the process if these protections
are broken.

Be aware that even though it has the same API as normal `Buffer`s, only the read
operations should be used, and that reading data out of the Buffer may break any
security guarantees, except when passed to a function that can work directly
with the underlying memory.

## Install

```sh
npm install secure-key-management
```

## License

[ISC](LICENSE)

--------------------------------------------------------------------------------
/index.js:
--------------------------------------------------------------------------------
module.exports = {
  create: require('secure-create-key'),
  read: require('secure-read-key'),
  destroy: require('secure-destroy-key')
}

--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
{
  "name": "secure-key-management",
  "version": "0.1.0",
  "description": "A collection of modules for securely working with cryptographic keys and secrets",
  "main": "index.js",
  "dependencies": {
    "secure-create-key": "^1.0.1",
    "secure-destroy-key": "^1.0.1",
    "secure-read-key": "^1.0.1"
  },
  "devDependencies": {
    "tape": "^4.8.0"
  },
  "scripts": {
    "test": "tape test.js"
  },
  "repository": {
    "type": "git",
    "url": "git+https://github.com/emilbayes/secure-key-management.git"
  },
  "keywords": [],
  "author": "Emil Bay ",
  "license": "ISC",
  "bugs": {
    "url": "https://github.com/emilbayes/secure-key-management/issues"
  },
  "homepage": "https://github.com/emilbayes/secure-key-management#readme"
}

--------------------------------------------------------------------------------
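
The on-disk handling named in the README's Goals (a `0400` key file, a read of exactly the expected number of key bytes, rejection of anything else), as an added example that is not code from this repository or its modules. It uses only Node.js core on a POSIX system; a plain `Buffer` stands in for a Secure Buffer, errors are thrown rather than crashing the process, and `KEY_BYTES`, `createKeyFile`, `readKeyFile` and `demo` are names assumed for the illustration.

```javascript
// Added example (Node.js core, POSIX modes); a plain Buffer stands in for a Secure Buffer.
const fs = require('fs')
const os = require('os')
const path = require('path')
const crypto = require('crypto')
const KEY_BYTES = 32 // assumed key length for this example

// Create a key file readable only by its owner. 'wx' refuses to overwrite.
function createKeyFile (file, key) {
  const fd = fs.openSync(file, 'wx', 0o400)
  try {
    fs.writeSync(fd, key, 0, key.length, 0)
    fs.fchmodSync(fd, 0o400) // set the exact mode even under an odd umask
  } finally {
    fs.closeSync(fd)
  }
}

// Read exactly `size` bytes; the real modules crash on misuse, this example throws.
function readKeyFile (file, size) {
  const fd = fs.openSync(file, 'r')
  try {
    const st = fs.fstatSync(fd)
    if ((st.mode & 0o777) !== 0o400) throw new Error('key file mode is not 0400')
    if (st.size !== size) throw new Error('unexpected key file size')
    const key = Buffer.alloc(size)
    if (fs.readSync(fd, key, 0, size, 0) !== size) {
      key.fill(0) // do not leave a partial key behind
      throw new Error('unexpected number of key bytes')
    }
    return key
  } finally {
    fs.closeSync(fd)
  }
}

// Constructed round trip in a temporary directory.
function demo () {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'key-demo-'))
  const file = path.join(dir, 'secret.key')
  const key = crypto.randomBytes(KEY_BYTES)
  createKeyFile(file, key)
  const mode = fs.statSync(file).mode & 0o777
  const roundTrip = readKeyFile(file, KEY_BYTES).equals(key)
  let wrongLengthRejected = false
  try { readKeyFile(file, KEY_BYTES + 1) } catch (e) { wrongLengthRejected = true }
  fs.rmSync(dir, { recursive: true, force: true })
  return { mode, roundTrip, wrongLengthRejected }
}
```

Checking the mode and size on the open descriptor with `fstat`, rather than on the path, means the checks apply to the same file that is then read.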