TankerHQ/sdk-js
Tanker client-side encryption SDK for JavaScript
| repo name | TankerHQ/sdk-js |
| repo link | https://github.com/TankerHQ/sdk-js |
| homepage | https://tanker.io |
| language | JavaScript |
| size (curr.) | 3633 kB |
| stars (curr.) | 772 |
| created | 2018-10-10 |
| license | Other |
Encryption SDKs for JavaScript
Overview · Core · Identity · FileKit · Browser support · Other platforms · Contributing · License
Overview
Tanker is an open-source solution to protect sensitive data in any application, with a simple end-user experience and good performance. No cryptographic skills are required to implement it.
Tanker Core
Tanker Core is the foundation, it provides powerful end-to-end encryption of any type of data, textual or binary. Tanker Core handles multi-device, identity verification, user groups and pre-registration sharing.
| Package | Version |
|---|---|
| @tanker/client-browser |  |
| @tanker/client-node |  |
Detailed changes for each release are documented in the Release Notes.
The Core SDK takes care of all the difficult cryptography in the background, leaving you with simple high-level APIs:
import { Tanker } from '@tanker/client-browser';
// Initialize the isolated Tanker environment within your application
const tanker = new Tanker({ appId: '...' });
// Start a session with the user's cryptographic identity
await tanker.start(aliceIdentity);
// Encrypt data and share it with separate recipients or groups
const encryptedMessage = await tanker.encrypt(
"It's a secret to everybody",
{ shareWithUsers: [bobIdentity] }
);
// Decrypt data (or throw if not a legitimate recipient)
const message = await tanker.decrypt(encryptedMessage);
The Core SDK automatically handles complex key exchanges, cryptographic operations, and identity verification for you.
For more details and advanced examples, please refer to:
Or fiddle with the quickstart examples to see the Tanker SDKs integrated in a collection of demo apps.
Identity management
End-to-end encryption requires that all users have cryptographic identities. The following packages help to handle them:
Tanker Identity is a server side package to link Tanker identities with your users in your application backend. It is available in multiple languages. This repository only contains the Javascript version.
Tanker Verification UI is a UI element that wraps a Tanker Core instance in order to handle the verification process automatically. It takes the form of a modal that will appear when needed, send the verification code by email to the user, and prompt them to verify their identity with the code.
Tanker Fake Authentication reduces the friction when starting new projects, by delaying the integration of Tanker Identity in your application server.
| Package | Version |
|---|---|
| @tanker/identity |  |
| @tanker/verification-ui |  |
| @tanker/fake-authentication |  |
Tanker FileKit
Tanker FileKit is an end-to-end encrypted file storage service for apps.
Tanker FileKit transfers and stores files in the cloud. The files are encrypted in the browser before being uploaded, and can only be downloaded by the owner and recipients, completely transparently.
It wraps Tanker Core and Tanker VerificationUI in a single easy-to-use to use package.
This is a simple example using FileKit:
import FileKit from '@tanker/filekit';
const fileKit = new FileKit({ appId });
// Retrieve the tanker identities from your server (or use FakeAuthentication, see below)
const email = 'alice@example.com';
const tankerIdentity = await yourServer.authenticate(email);
// Start a FileKit session:
// * a verification UI will be automatically displayed if needed
// * when start() resolves, the FileKit session is ready
await fileKit.start(email, { identity: tankerIdentity });
// Encrypt the clear file locally and upload it to the cloud:
const fileId = await fileKit.upload(file, { shareWithUsers, shareWithGroups });
// Download, decrypt, and save a file to disk
await fileKit.downloadToDisk(fileId);
// Download, decrypt, and get a File object
const file = await fileKit.download(fileId);
| Package | Version |
|---|---|
| @tanker/filekit |  |
Browser support
The Tanker JavaScript SDKs support the following platforms:
- Chrome, Firefox, Safari, Microsoft Edge, and Internet Explorer 11
- Node.js 8+
The Tanker JavaScript SDKs are constantly tested with all of the supported browsers via unit and functional tests.
We use BrowserStack to automate testing on many browser & OS combinations.
Other platforms
Tanker is also available for your mobile applications: use our open-source iOS and Android SDKs.
Contributing
We welcome feedback, bug reports, and bug fixes in the form of pull requests.
To build the JavaScript SDKs yourself, please follow the steps below.
Prerequisites
Install Yarn version 1.0 or greater.
Use this command to check the Yarn version installed on your system:
yarn -v
Install dependencies
Clone this repository:
git clone https://github.com/TankerHQ/sdk-js.git
Install dependencies:
cd sdk-js && yarn
Test and lint
Our codebase uses the following ES6 features: async / await, import / export, and classes with flow for type-checking and with eslint for linting.
To check that the code is correct and to launch the tests in Node.js, use:
yarn proof
Submit your pull request
Before submitting your pull request, please make sure that your changes pass the linters and that all the tests pass on your local machine.
For non-trivial changes, we highly recommend including extra tests.
When you’re ready, submit your pull request, targeting the master branch of this repository.
License
The Tanker JavaScript SDK is licensed under the Apache License, version 2.0.
