https://github.com/aegisjsproject/secret-store
Proxy-based wrapper for encrypting and decrypting data over any storage object
https://github.com/aegisjsproject/secret-store
Last synced: 3 months ago
JSON representation
Proxy-based wrapper for encrypting and decrypting data over any storage object
- Host: GitHub
- URL: https://github.com/aegisjsproject/secret-store
- Owner: AegisJSProject
- License: mit
- Created: 2025-08-28T22:32:12.000Z (10 months ago)
- Default Branch: master
- Last Pushed: 2025-10-04T15:03:04.000Z (9 months ago)
- Last Synced: 2025-10-04T17:20:17.261Z (9 months ago)
- Language: JavaScript
- Homepage: https://www.npmjs.com/package/@aegisjsproject/secret-store
- Size: 375 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: .github/CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# `@aegisjsproject/secret-store`
Proxy-based wrapper for encrypting and decrypting data over any storage object
[](https://github.com/shgysk8zer0/npm-template/actions/workflows/codeql-analysis.yml)
[](https://@github.com/AegisJSProject/secret-store/blob/master/LICENSE)
[](https://@github.com/AegisJSProject/secret-store/commits/master)
[](https://@github.com/AegisJSProject/secret-store/releases)
[](https://github.com/sponsors/shgysk8zer0)
[](https://www.npmjs.com/package/@aegisjsproject/secret-store)
[](https://www.npmjs.com/package/@aegisjsproject/secret-store)
[](https://github.com/AegisJSProject)
[](https://twitter.com/shgysk8zer0)
[](https://liberapay.com/shgysk8zer0/donate "Donate using Liberapay")
- - -
- [Code of Conduct](./.github/CODE_OF_CONDUCT.md)
- [Contributing](./.github/CONTRIBUTING.md)
## Installation
### npm
```bash
npm install @aegisjsproject/secret-store
```
### ``
```html
<script type="importmap">
{
"imports": {
"@aegisjsproject/secret-store": "https://unpkg.com/@aegisjsproject/secret-store/secret-store.min.js",
"@shgysk8zer0/aes-gcm": "https://unpkg.com/@shgysk8zer0/aes-gcm/aes-gcm.min.js"
}
}
```
## API
### `useSecretStore(key, targetObject, handler)`
Creates an encrypted proxy around an object where values are automatically encrypted on set and decrypted on get.
**Parameters:**
- `key` - CryptoKey with decrypt usage (encrypt usage required for setter)
- `targetObject` - Object to wrap (defaults to `process.env`)
- `handler` - ProxyHandler (defaults to `Reflect`)
**Returns:** `[proxy, setter]` - Frozen array containing the proxy and async setter function
**Throws:** TypeError if key lacks decrypt usage
### `openSecretStoreFile(key, path, config)`
Node.js only. Loads and wraps a JSON file as an encrypted store.
**Parameters:**
- `key` - CryptoKey
- `path` - File path string
- `config.encoding` - File encoding (default: "utf8")
- `config.handler` - ProxyHandler (default: `Reflect`)
- `config.signal` - AbortSignal for cancellation
**Returns:** Promise resolving to `[proxy, setter]`
## Usage
```js
import { useSecretStore, openSecretStoreFile } from '@aegisjsproject/secret-store';
// Generate key
const key = await crypto.subtle.generateKey(
{ name: 'AES-GCM', length: 256 },
false,
['encrypt', 'decrypt']
);
// Create store
const [store, set] = useSecretStore(key, {});
// Values are encrypted when set, decrypted when accessed
await set('password', 'secret123');
const password = await store.password; // 'secret123'
// Load from file (Node.js)
const [fileStore] = await openSecretStoreFile(key, './secrets.json');
```