Merge pull request #4 from simonratner/more-docs

simonratner · web-flow · commit 99d90dd55c70 · 2017-10-03T10:49:18.000-07:00
Tweak docs
diff --git a/README.md b/README.md
@@ -13,16 +13,22 @@ Encrypted model attributes in your favourite ORM.
     * 128-bit authentication tag
 * Additional authenticated data:
     * Key id: use different keys for different attributes (or different users),
-      rotate keys over time without re-encrypting
+      rotate keys for new data over time without re-encrypting old data
     * Object id: prevent substitution of encrypted values
 
 All keys should be 32 bytes long, and cryptographically random. Manage these
-keys as you would any other credentials (environment config, keychain, vault).
-Generate keys with:
+keys as you would any other sensitive credentials (environment config, vault,
+keychain). You can generate random keys with this snippet:
 ```
 node -p "require('crypto').randomBytes(32).toString('base64')"
 ```
 
+Refer to [NIST Special Publication 800-38D](http://doi.org/10.6028/NIST.SP.800-38D)
+for additional recommendations. In particular, you should pay attention to
+uniqueness requirements for keys and IVs, and constraints on the number of
+invocations with a given key (Section 8). These should inform key rotation
+policies.
+
 # Threat model
 
 This is designed to protect you from leaking sensitive user data under very
@@ -47,11 +53,109 @@ npm install encrypted-attr
 
 # Use
 
-While this module can be used stand-alone to encrypt individual values (see
-[tests](/test/encrypted-attr.spec.js)), it is designed to be wrapped into a
-plugin or hook for your favourite ORM. Eventually, this package may include
-such plugins for common ORMs, but for now, here's an example of integrating
-with [thinky](https://github.com/neumino/thinky):
+This module can be used stand-alone to encrypt individual values, or wrapped
+into a plugin or hook to your favourite ORM.
+
+Here is a quick example to get started:
+
+```js
+const EncryptedAttributes = require('encrypted-attr')
+
+let encryptedAttributes = EncryptedAttributes(null, {
+  keys: {
+    k1: crypto.randomBytes(32).toString('base64') // use a persistent key
+  },
+  keyId: 'k1'
+})
+
+let secretNumber = '555-55-5555'
+let encryptedNumber = encryptedAttributes.encryptAttribute(null, secretNumber)
+// YWVzLTI1Ni1nY20kJGsx$r2JF/XHvpsgNwJDs$c/P6GwnUZGokEjQ=$sEMv0cyKPBL90mo2zZ1MpQ
+```
+
+### EncryptedAttributes(attributes, options)
+
+Construct an instance to handle encryption and decryption. You should construct
+for each unique set of attributes and keys that you want to encrypt.
+
+| Parameter  | Type             | Required?  | Details                                                                                                                                                                                                                                                    |
+| :--------- | :--------------- | :--------- | :----------------------------                                                                                                                                                                                                                              |
+| attributes | array of strings | _Optional_ | List attributes which should be encrypted.  These can be specified as top-level string keys, or nested paths using dot-separated notation.  This list is used by `encryptAll`/`decryptAll`, and is also useful for creating helper methods on your models. |
+| options    | dictionary       | _Optional_ | See below.                                                                                                                                                                                                                                                 |
+
+These options are supported:
+
+| Option     | Type             | Required?  | Details                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| :--------- | :--------------- | :--------- | :----------------------------                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| keys       | dictionary       | Required   | Dictionary of all relevant data encryption keys, as `base64` strings.  Since encrypted strings _embed the key id that was used to encrypt them_, it's important that `keys` contains the appropriate key for any previously encrypted data you might run across.                                                                                                                                                                                                                                                                                             |
+| keyId      | string           | Required   | The id of the key to use for all _new encryptions_.  This is not necessarily the only key that will be used for decryptions, because the key id gets embedded into the encrypted string.  When that string is decrypted, this module unpacks that key id and uses it to determine the appropriate decryption key.  This approach allows multiple keys to be used for the same attribute.  (Note that this option is only _technically_ required if you need to encrypt new data. If you are only decrypting existing data, you do not need to provide it.) |
+| verifyId   | boolean          | _Optional_ | Whether or not to (a) use the `id` property of a provided source object as an additional piece of metadata during encryption, and (b) expect that metadata to be embedded in encrypted strings during decryption, and throw an error if the expected id does not match.  Defaults to `false`.                                                                                                                                                                                                                                                                |
+
+
+### encryptAttribute(sourceObject, plaintextString)
+
+Encrypt a value using one of your keys (specifically, the key indicated by the
+`keyId` option specified in the constructor).
+
+Returns the encrypted representation of the value. Does nothing if the provided
+value is already encrypted using this module (so this method is idempotent).
+
+```js
+let encryptedString = encryptAttributes.encryptAttribute(sourceObject, plaintextString)
+```
+
+> `sourceObject` is optional, and only relevant if the `verifyId` option is used;
+otherwise you may pass `null` or `undefined`.
+
+
+### encryptAll(sourceObject)
+
+Encrypt a subset of fields in the provided plain object. The set of fields to
+be encrypted is specified by the array of attribute paths supplied to the
+`EncryptedAttributes` constructor.
+
+Returns the source object with any to-by-encrypted fields replaced by their
+encrypted representation. Note that this method modifies the provided object.
+
+```js
+let partiallyEncryptedObject = encryptedAttributes.encryptAll(sourceObject)
+```
+
+
+### decryptAttribute(sourceObject, encryptedString)
+
+Decrypt a value.
+
+Returns the plaintext string. Does nothing if the provided value does not look
+like it was encrypted using this module (so this method is idempotent).
+
+```js
+let plaintextString = encryptedAttributes.decryptAttribute(sourceObject, encryptedString)
+```
+
+> `sourceObject` is optional, and only relevant if the `verifyId` option is used;
+otherwise you may pass `null` or `undefined`.
+
+
+### decryptAll(sourceObject)
+
+Decrypt a subset of fields in the provided plain object. The set of fields to
+be decrypted is specified by the array of attribute paths supplied to the
+
+Returns the source object with any encrypted fields replaced by their plaintext
+value. Note that this method modifies the provided object.
+
+```js
+let decryptedObject = encryptedAttributes.decryptAll(partiallyEncryptedObject)
+```
+
+
+# Use with an ORM
+
+While this module can be used stand-alone, it is designed to be wrapped into
+a plugin or hook to your favourite ORM. Eventually, this package may include
+such plugins for common ORMs, but for now, here's an example using
+[thinky](https://github.com/neumino/thinky):
 
 ```js
 const EncryptedAttributes = require('encrypted-attr')
@@ -122,89 +226,14 @@ async function storeSomeSecrets (doc) {
   //   id: '543bed92-e241-4151-9d8f-1aa942c36d24',
   //   nested: {
   //     hint: 'colour',
-  //     secret: 'YWVzLTI1Ni1nY20kMSQwMQ==$JvDvLhZ1GlqYgCXx$wQCLkW7u$kt5To2YBdG5USLmtBTHS+g'
+  //     secret: 'YWVzLTI1Ni1nY20k...$NFvcFAaPTDay3uWH$t3G9Jrpy$g+BJT/UvfuboMB3ARiDRIQ'
   //   },
-  //   secret: 'YWVzLTI1Ni1nY20kMSQwMQ==$0n/ZpuUUIHRzAX5H$jbUS$bFRZOEe3mBrnWVQX6DMA3g'
+  //   secret: 'YWVzLTI1Ni1nY20k...$6UdqWqv9ox305Wmt$zyNF$S5BOgZSvMG3H24foFaTQjg'
   // }
 }
 ```
 
 
-### Standalone usage
-
-
-After requiring and invoking this module as shown above, you'll be able to call any of several available methods on the hydrated "encryptedAttributes" object.  Those methods are documented below.
-
-> Alternatively, you can simply chain:
-> 
-> ```js
-> const EncryptedAttributes = require('encrypted-attr');
->
-> var rawSocialSecurityNumber = '555-55-5555';
-> 
-> var encryptedSSN = EncryptedAttributes(['ssn'], {
->   keyId: 'default',
->   keys: { default: 'keyboardcat' }
-> })
-> .encryptAttribute(undefined, '555-55-5555');
-> ```
-
-
-##### encryptAttribute()
-
-Encrypt a string using one of your keys (specifically, the key indicated by the configured `keyId`).
-
-```js
-var encryptedString = ea.encryptAttribute(optionalSourceObj, rawString);
-```
-
-> `optionalSourceObj` is only relevant if the `verifyId` option is enabled. If you don't have that option enabled, you can simply pass in `undefined`.
-
-##### decryptAttribute()
-
-Decrypt a value. 
-
-```js
-var rawString = ea.encryptAttribute(optionalSourceObj, encryptedString)
-```
-
-> `optionalSourceObj` is only relevant if the `verifyId` option is enabled.  If you don't have that option enabled, you can simply pass in `undefined`.
-
-
-##### encryptAll()
-
-Encrypt a subset of the provided dictionary (i.e. plain JavaScript object) of raw, unencrypted values.
-
-```js
-var partiallyEncryptedObj = ea.encryptAll(rawObj)
-```
-
-> Only fields identified in the array of keypaths you passed in during initial setup of this module will actually be encrypted.
-
-
-##### decryptAll()
-
-Decrypt a subset of the provided dictionary of encrypted values.
-
-```js
-var rawObj = ea.decryptAll(partiallyEncryptedObj)
-```
-
-> Only fields identified in the array of keypaths you passed in during initial setup of this module will actually be decrypted.
-
-
-
-
-# Options
-
-| Option     | Type           | Required?      | Details                                                              |
-|:-----------|----------------|:---------------|:---------------------------------------------------------------------|
-| keyId      | ((string))     | Required(ish)  | The id of the key to use for all **new encryptions**.  This is _not_ necessarily the only key that will be used for decryptions though, because the key id you choose gets embedded into the encrypted string itself.  Then before that string is decrypted, this module simply unpacks that key id and uses it to determine the appropriate decryption key.  This approach allows for using multiple keys.  (Note that this option is only _technically_ required if you need to encrypt new data.  If you are only decrypting existing data, you needn't pass it in.) |
-| keys       | ((dictionary))   | Required     | A dictionary of all relevant data encryption keys (DEKs).  Since encrypted strings _contain the key id that was used to encrypt them_, it's important that `keys` contain the appropriate keys for any past key ids it might run across when attempting to decrypt those strings.
-| verifyId   | ((boolean))      | _Optional._  | Whether or not to (A) use the `id` property of a provided source object as an additional piece of metadata during encryption, and (B) expect that metadata to be embedded in encrypted strings during decryption, and throw an error if the expected idea does not match.  Defaults to `false`.
-
-
-
 # License
 
 [MIT](LICENSE)
