Web Crypto Storage
A tiny promise-based crypto keyval storage using IndexedDB and the native Web Crypto API
This is a tiny promise-based crypto keyval storage using IndexedDB and the native Web Crypto API, having just two small dependencies: IDB for a better devxp using IndexedDB and Web Crypto Tools for a better devxp using the Web Crypto API.
This crypto storage not only encrypt/decrypt the data but also checks for integrity, verifying if the stored data were manually updated. It uses the default crypto algorithms on Web Crypto Tools, which are
PBKDF2 for hashing and key derivation and
AES-GCM for encryption, with the option to customize the used salt and encrypt iterations. The base crypto key is safely used in memory and never stored locally, if at the next session the base crypto key is lost, the data cannot be decrypted back to the original value.
This project depends on the browser implementation of Crypto API and TextEncoder API, which are both current implemented on all green browsers. If you do need to support any older browser, you should look for available polyfills.
You can play with a full feature demo on our Github Pages.
Install the project
npm install @webcrypto/storage --save
Store your crypto data
// Create a new instance of the crypto storage and give it a key! // You normally would never hard code this crypto key, it normally // should come from the user password or some server integration const cryptoStore = new CryptoStorage('my crypto key'); // Secure store your data locally fully encrypted const originalValue = 'any data value'; await cryptoStore.set('data key', originalValue); // Look at the browser dev tools from IndexedDb, // you will not be able to read the data key or value. // Then, retrieve your original data decrypted again: const decryptedValue = await cryptoStore.get('data key'); expect(decryptedValue).toEqual(originalValue);
You should check our GitHub Pages for all available APIs and options.