
enc-service's Introduction

Encryption Service

HTTP based Encryption Service.

Getting Started

System Requirements

  • Node.js
  • npm
  • Relational database (Postgres/MySQL)

Installing

npm i

DB Setup

The following instructions work as-is in Postgres. For Mysql, some changes are needed, as noted in each step.

  • Creating key type enum (not required in Mysql)

    `CREATE TYPE "enum_Keys_type" AS ENUM ('MASTER','OTHER');`

  • Creating DB Table

    `CREATE TABLE "Keys" (
      id SERIAL PRIMARY KEY,
      public text NOT NULL,
      private text NOT NULL,
      type "enum_Keys_type" NOT NULL,
      active boolean DEFAULT true NOT NULL,
      reserved boolean DEFAULT false NOT NULL,
      "createdAt" timestamp with time zone NOT NULL,
      "updatedAt" timestamp with time zone NOT NULL
    );`
    

The type would have to be supplied as "type enum('MASTER', 'OTHER')" in Mysql.

Generating keys

  1. Set the DB credentials and key generation settings by exporting the following environment variables

    1. DB_HOST
    2. DB_USER
    3. DB_PASSWORD
    4. DB_NAME
    5. DB_DIALECT - "postgres"|"mysql"|"sqlite"
    6. MASTER_PASS
    7. N_KEYS
    8. N_RESERVED_KEYS
  2. Set the environment by exporting the NODE_ENV environment variable as development or prod

    1. DB_PORT defaults to 9999 in prod. If the DB server is listening on a different port, DB_PORT must be set.
  3. Run the key generation script
    • Dev mode: node scripts/master.js
    • Silent mode: node scripts/master.js --silent

The following applies only to dev mode. The script prompts for passwords and produces three outputs:

  • The encryption password is asked twice, then the encrypted RSA keys are added to the DB
  • The encryption password is asked twice again (same password as above), then the encrypted RSA keys are written to a file (./keys/keys.json)
  • The zip encryption password is asked twice (this can be a different password), then a protected zip of the unencrypted keys is written (./keys/keys.zip)

Running the service

  1. Set the DB credentials by exporting the following environment variables
    1. DB_HOST
    2. DB_USER
    3. DB_PASSWORD
    4. DB_NAME
    5. DB_DIALECT - "postgres"|"mysql"|"sqlite"
  2. Run node app.js < passwd &

This will start the encryption service in the background on port 8013 by reading the master password from passwd file.

Run the service without passwd file

Export an environment variable ENTRY_PASS holding the master password and start the service as given below:

node app.js &

APIs

Encrypt

curl -X POST -H "Content-Type: application/json" -d '{
  "value":"sunbird"
}' "http://localhost:8013/encrypt"

curl -X POST -H "Content-Type: application/json" -d '{
    "value": { "name": "Ramesh Kumar", "phone": "9901990101" }
}' "http://localhost:8013/encrypt/obj"

Decrypt

curl -X POST -H "Content-Type: application/json" -d '{
  "value":"v1|62|DL6oW2QemDz/qmPcqP+mjD5x6Y6d2GGYkfeUHqyk9qazJ5O7Ep4bH06VX0D3iqQjckESFMXlE9nBDcy93JFVNw=="
}' "http://localhost:8013/decrypt"

curl -X POST -H "Content-Type: application/json" -d '{
  "value": { "name": "v1|62|DL6oW2QemDz/qmPcqP+mjD5x6Y6d2GGYkfeUHqyk9qazJ5O7Ep4bH06VX0D3iqQjckESFMXlE9nBDcy93JFVNw==",
             "phone": "v1|77|DL6oW2QemDz/qmPcqP+mjD5x6Y6d2GGYkfeUHqyk9qazJ5O7Ep4bH06VX0D3iqQjckESFMXlE9nBDcy93JFVNw=="}
}' "http://localhost:8013/decrypt/obj"

Sign

Sign a single attribute

`curl -X POST -H "Content-Type: application/json" -d '{
  "value":"sunbird"
}' "http://localhost:8013/sign"`

Sample response { "signatureValue": "vJUolu7lKXa2Jwba0VS8xPDbRUnPdyaIFe9fhPd8+fAybY3dJmiupMcI2VHlOhOWCT5+347PgPix8nn5hrs3Aw==", "keyId": 2, "version": "1.0.0" }

Sign multiple attributes at one go

`curl -X POST -H "Content-Type: application/json" -d '{
    "value": ["Ramesh Kumar", "9901990101"]
}' "http://localhost:8013/sign"`

Sample response [{ "signatureValue": "Zof/AJu/ALQtD0OjuBFvs8dsZ/OfD08mC30ex5g1P1jV0IJYIHPscF0jGdGec/KkHmyvKkLU/hHiQ0czzr6Cvg==", "keyId": 2, "version": "1.0.0" }, { "signatureValue": "tV0EHm0wKclS6v/gOhhaP51QcV39wUYPxYZCoA+4cGM2NicFGtjdMnV23HxZUR0CVxpVo91qBKeHbgpAD3/7pQ==", "keyId": 3, "version": "1.0.0" }]

Sign a single entity

`curl -X POST -H "Content-Type: application/json" -d '{
   "entity": {
       "name": "Kevin", "phone": "9901990103" 
    } 
}' "http://localhost:8013/sign"`

Sample response { "signatureValue": "iv07RbttVQZeOpGF8SCJitPnV/sEWW0LN8hc2U2MDMcIw3INsp5c8mjJiyiKvO31lS7LEflj20EOVvRmI3cRyw==", "keyId": 2, "version": "1.0.0" }

Sign multiple entities

`curl -X POST -H "Content-Type: application/json" -d '{
   "entity": [  
            {"name": "Ram", "phone": "9901990101" }, 
            {"name": "John", "phone": "9901990102" }
    ]
}' "http://localhost:8013/sign"`

Sample response [{ "signatureValue": "YzlNSN++9wFO7hBEXLgM3wBqWnCOi/euSyrbFSigrQe+t+ZwB0VNLfWGWdjwY8v28JTmns7T5cEArOcXeuqDbQ==", "keyId": 3, "version": "1.0.0" }, { "signatureValue": "oVYESGSI3C2Bc/gt+PjddJmmAPd7Eo+sPJ6FUzUw6FBlylAaShOYrpXqQbbsSLx3IkPwVYdfIgo5Y/ZatU8WyA==", "keyId": 3, "version": "1.0.0" }]

Verify

Verify a single attribute

`curl -X POST -H "Content-Type: application/json" -d '{
  "value":{ 
        "claim": "sunbird",
        "signatureValue": "vJUolu7lKXa2Jwba0VS8xPDbRUnPdyaIFe9fhPd8+fAybY3dJmiupMcI2VHlOhOWCT5+347PgPix8nn5hrs3Aw==",
        "keyId": 2
  }
}' "http://localhost:8013/verify"` 

Sample response true

Verify multiple attributes at one go

`curl -X POST -H "Content-Type: application/json" -d '{
    "value": [{
            "claim": "Ramesh Kumar",
            "signatureValue": "Zof/AJu/ALQtD0OjuBFvs8dsZ/OfD08mC30ex5g1P1jV0IJYIHPscF0jGdGec/KkHmyvKkLU/hHiQ0czzr6Cvg==",
            "keyId": 2
        }, {
            "claim": "9901990101",
            "signatureValue": "tV0EHm0wKclS6v/gOhhaP51QcV39wUYPxYZCoA+4cGM2NicFGtjdMnV23HxZUR0CVxpVo91qBKeHbgpAD3/7pQ==",
            "keyId": 3
        }
    ]
}' "http://localhost:8013/verify"` 

Sample response [ true, true ]

Verify a single entity

`curl -X POST -H "Content-Type: application/json" -d '{
   "entity": {
       "claim": {"name": "fruit", "color": "red"},
        "signatureValue": "qsBPIU0EN1+I+5LkjhPbxjQuWPKQIfkhCrP9mwchqdufhnnteOHOL0ZZfsbg8AgTVqTHNuvY7RYMfN2+d0wtvw==",
        "keyId": 2
    } 
}' "http://localhost:8013/verify"` 

Sample response true

Verify multiple entities

`curl -X POST -H "Content-Type: application/json" -d '{
   "entity":[{
        "claim": {"name": "fruit", "color": "red"},
        "signatureValue": "qsAPIU0EN1+I+5LkjhPbxjQuWPKQIfkhCrP9mwchqdufhnnteOHOL0ZZfsbg8AgTVqTHNuvY7RYMfN2+d0wtvw==",
        "keyId": 2
    },{
        "claim":{"name": "apple", "shape": "round"},
        "signatureValue": "X87ErciD6X6bFBYUjZ0gd88BtuOWBbGe6iS1Rx2dVuKkYpkVXU/OaGXJv68AaZaTNsDPVbKVbBQx5t6oLlq+Uw==",
        "keyId": 3
    }]
}' "http://localhost:8013/verify"`

Sample response [ false, true ]

Get keys

Get an active public key associated with the given identifier

`curl -X GET -H "Content-Type: application/json" "http://localhost:8013/keys/3"`

Sample response -----BEGIN PUBLIC KEY-----MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANNCNWC5K484XsQEvSL8rkVtJlAV9nTsusuHbxiU5xKp7R5Pw2ueEteqwfgRri0sVzJrrI394Tn/FjyXDtW+dhsCAwEAAQ==-----END PUBLIC KEY-----

Contributors

indrajra, kochhar, rjshrjndrn, smyaltamash, jyotsnaraveendran, vrayulu
