Skip to content
/ secure-key-management Public

A collection of modules for securely working with cryptographic keys and secrets

License

ISC license
33 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

emilbayes/secure-key-management

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

secure-key-managment

A collection of modules for securely working with cryptographic keys and secrets

Goals

It is important that you understand the goals and short-comings of this module, so you can effectively incorporate it into your security model.

  • This is not a replacement for a Hardware-Secure Module (HSM), which provides a physical trust boundary around your keys.
  • This module is intended to provide secure defaults for storing keys on disk, retrieval into memory and management while kept in memory. It does so by:
    • Setting highly restricted access permissions for files on disk (0400).
    • It uses Secure Buffers extensively. Keys are read directly from disk into secure memory, appropriate memory protection is applied to avoid accidental or malicious access, keys are never swapped to disk nor will they appear in core dumps.
    • Misuse is considered a fatal error and will crash the program. Fatal errors include:
      • Reading an unexpected number of key bytes
      • Changing bytes of a key
      • Accessing a key after it has been destroyed

Usage

WIP - A unified API will eventually surface, composed of the following modules:

Secure Buffers

The modules in this suite use the Secure Buffers from sodium-native extensively. Secure Buffers are a wrapper around libsodium secure memory, but with the same interface as normal Node.js Buffers.

Secure Buffers take more space than normal buffers, but with the benefit that overflows and underflows are detected and that data is destroyed when the memory is released (eg. garbage collected in Node.js). Secure memory is also marked as not being swappable, meaning the OS will not write it to disk when swapping pages in and out of main memory, which could lead to accidental exposure. Secure memory is also masked in case of a core dump. Secure memory can also have memory protection applied, so you can control noaccess, readonly and readwrite state of the memory, crashing the process if these protections are broken.

Be aware that even though it has the same API as normal Buffers, only the read operations should be used, and that reading data out of the Buffer may break any security guarantees, except when passed to a function that can work directly with the underlying memory.

Install

npm install secure-key-managment

License

ISC

About

A collection of modules for securely working with cryptographic keys and secrets

Resources

Readme

License

ISC license
Activity

Stars

33 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

2 tags

Packages

No packages published

Languages