@azure/cosmos
Microsoft Azure Cosmos DB Service Node.js SDK for NOSQL API
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
import { Constants } from "../common/index.js";
import { startBackgroundTask } from "../utils/time.js";
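/**
 * Wraps and unwraps encryption keys through a caller-supplied key encryption key resolver,
 * and caches unwrapped (plaintext) keys in process memory for a bounded time.
 *
 * Security notes:
 * - Cached values are plaintext key material. A `cacheTimeToLive` of 0 disables the cache,
 *   so every unwrap goes to the resolver.
 * - A cached Buffer is returned to callers by reference; callers must treat it as read-only,
 *   because a mutation would be seen by every later cache hit.
 */
export class EncryptionKeyStoreProvider {
  keyEncryptionKeyResolver;
  // Lifetime of a cached unwrapped key, in milliseconds (compared against getTime() deltas).
  cacheTimeToLive;
  RsaOaepEncryptionAlgorithm = "RSA-OAEP";
  // Handle returned by startBackgroundTask for the periodic cache sweep.
  cacheRefresher;
  // Cache of unwrapped keys: cacheKey -> [Date insertedAt, Buffer plaintextKey].
  // The cache key combines the key encryption key path with the wrapped key bytes.
  unwrappedEncryptionKeyCache;
  providerName;

  /**
   * @param keyEncryptionKeyResolver - object exposing `encryptionKeyResolverName`,
   *   `wrapKey(id, algorithm, key)` and `unwrapKey(id, algorithm, wrappedKey)`.
   * @param cacheTimeToLive - cache lifetime in milliseconds; 0 disables caching.
   */
  constructor(keyEncryptionKeyResolver, cacheTimeToLive) {
    this.keyEncryptionKeyResolver = keyEncryptionKeyResolver;
    this.providerName = keyEncryptionKeyResolver.encryptionKeyResolverName;
    this.cacheTimeToLive = cacheTimeToLive;
    // Null-prototype dictionary: identifiers supplied by callers can never collide with
    // Object.prototype members such as "constructor" or "__proto__".
    this.unwrappedEncryptionKeyCache = Object.create(null);
    this.clearCacheOnTtlExpiry();
  }

  /**
   * Wraps `key` with the key encryption key identified by `encryptionKeyId`.
   * @returns the wrapped key as a Buffer.
   */
  async wrapKey(encryptionKeyId, algorithm, key) {
    const uInt8ArrayKey = new Uint8Array(key);
    const wrappedEncryptionKey = await this.keyEncryptionKeyResolver.wrapKey(
      encryptionKeyId,
      algorithm,
      uInt8ArrayKey,
    );
    return Buffer.from(wrappedEncryptionKey);
  }

  /**
   * Unwraps `wrappedKey` with the key encryption key identified by `encryptionKeyId`,
   * serving the result from the cache while the entry is within its time to live.
   * @returns the unwrapped (plaintext) key as a Buffer.
   */
  async unwrapKey(encryptionKeyId, algorithm, wrappedKey) {
    if (this.cacheTimeToLive === 0) {
      const res = await this.keyEncryptionKeyResolver.unwrapKey(
        encryptionKeyId,
        algorithm,
        wrappedKey,
      );
      return Buffer.from(res);
    }
    const wrappedKeyUint8Array = new Uint8Array(wrappedKey);
    // Key the cache on the wrapped bytes as well as the key path. Keyed on the path alone,
    // a second wrapped key protected by the same key encryption key would be answered
    // with the first key's plaintext.
    const wrappedKeyHex = Buffer.from(wrappedKeyUint8Array).toString("hex");
    const cacheKey = `${encryptionKeyId}|${wrappedKeyHex}`;
    const cachedEntry = this.unwrappedEncryptionKeyCache[cacheKey];
    // Enforce the TTL on read too: the background sweep only runs periodically, so an
    // expired entry can still be present when it is looked up.
    if (cachedEntry && Date.now() - cachedEntry[0].getTime() <= this.cacheTimeToLive) {
      return cachedEntry[1];
    }
    const plainEncryptionKey = await this.keyEncryptionKeyResolver.unwrapKey(
      encryptionKeyId,
      algorithm,
      wrappedKeyUint8Array,
    );
    const plainEncryptionKeyBuffer = Buffer.from(plainEncryptionKey);
    this.unwrappedEncryptionKeyCache[cacheKey] = [new Date(), plainEncryptionKeyBuffer];
    return plainEncryptionKeyBuffer;
  }

  /**
   * Registers the periodic sweep that drops cache entries older than `cacheTimeToLive`.
   * The sweep interval is `Constants.EncryptionCacheRefreshIntervalInMs`; the handle
   * returned by `startBackgroundTask` is kept in `cacheRefresher`.
   */
  async clearCacheOnTtlExpiry() {
    this.cacheRefresher = startBackgroundTask(async () => {
      const now = Date.now();
      // Object.keys visits own properties only, unlike for...in.
      for (const key of Object.keys(this.unwrappedEncryptionKeyCache)) {
        if (now - this.unwrappedEncryptionKeyCache[key][0].getTime() > this.cacheTimeToLive) {
          delete this.unwrappedEncryptionKeyCache[key];
        }
      }
    }, Constants.EncryptionCacheRefreshIntervalInMs);
  }
}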
//# sourceMappingURL=EncryptionKeyStoreProvider.js.map