November 14, 2019

808 words 4 mins read

TankerHQ/sdk-js

TankerHQ/sdk-js

Tanker client-side encryption SDK for JavaScript

repo name TankerHQ/sdk-js
repo link https://github.com/TankerHQ/sdk-js
homepage https://tanker.io
language JavaScript
size (curr.) 3633 kB
stars (curr.) 772
created 2018-10-10
license Other

License Build BrowserStack Status Coverage Last Commit

Encryption SDKs for JavaScript

Overview · Core · Identity · FileKit · Browser support · Other platforms · Contributing · License

Overview

Tanker is an open-source solution to protect sensitive data in any application, with a simple end-user experience and good performance. No cryptographic skills are required to implement it.

Tanker Core

Tanker Core is the foundation, it provides powerful end-to-end encryption of any type of data, textual or binary. Tanker Core handles multi-device, identity verification, user groups and pre-registration sharing.

Package Version
@tanker/client-browser browser_npm-badge
@tanker/client-node nodejs_npm-badge

Detailed changes for each release are documented in the Release Notes.

The Core SDK takes care of all the difficult cryptography in the background, leaving you with simple high-level APIs:

import { Tanker } from '@tanker/client-browser';

// Initialize the isolated Tanker environment within your application
const tanker = new Tanker({ appId: '...' });

// Start a session with the user's cryptographic identity
await tanker.start(aliceIdentity);

// Encrypt data and share it with separate recipients or groups
const encryptedMessage = await tanker.encrypt(
  "It's a secret to everybody",
  { shareWithUsers: [bobIdentity] }
);

// Decrypt data (or throw if not a legitimate recipient)
const message = await tanker.decrypt(encryptedMessage);

The Core SDK automatically handles complex key exchanges, cryptographic operations, and identity verification for you.

For more details and advanced examples, please refer to:

Or fiddle with the quickstart examples to see the Tanker SDKs integrated in a collection of demo apps.

Identity management

End-to-end encryption requires that all users have cryptographic identities. The following packages help to handle them:

Tanker Identity is a server side package to link Tanker identities with your users in your application backend. It is available in multiple languages. This repository only contains the Javascript version.

Tanker Verification UI is a UI element that wraps a Tanker Core instance in order to handle the verification process automatically. It takes the form of a modal that will appear when needed, send the verification code by email to the user, and prompt them to verify their identity with the code.

Tanker Fake Authentication reduces the friction when starting new projects, by delaying the integration of Tanker Identity in your application server.

Package Version
@tanker/identity identity_npm-badge
@tanker/verification-ui verificationui_npm-badge
@tanker/fake-authentication fakeauth_npm-badge

Tanker FileKit

Tanker FileKit is an end-to-end encrypted file storage service for apps.

Tanker FileKit transfers and stores files in the cloud. The files are encrypted in the browser before being uploaded, and can only be downloaded by the owner and recipients, completely transparently.

It wraps Tanker Core and Tanker VerificationUI in a single easy-to-use to use package.

This is a simple example using FileKit:

import FileKit from '@tanker/filekit';

const fileKit = new FileKit({ appId });

// Retrieve the tanker identities from your server (or use FakeAuthentication, see below)
const email = 'alice@example.com';
const tankerIdentity = await yourServer.authenticate(email);

// Start a FileKit session:
//   * a verification UI will be automatically displayed if needed
//   * when start() resolves, the FileKit session is ready
await fileKit.start(email, { identity: tankerIdentity });

// Encrypt the clear file locally and upload it to the cloud:
const fileId = await fileKit.upload(file, { shareWithUsers, shareWithGroups });

// Download, decrypt, and save a file to disk
await fileKit.downloadToDisk(fileId);

// Download, decrypt, and get a File object
const file = await fileKit.download(fileId);
Package Version
@tanker/filekit filekit_npm-badge

Browser support

The Tanker JavaScript SDKs support the following platforms:

  • Chrome, Firefox, Safari, Microsoft Edge, and Internet Explorer 11
  • Node.js 8+

The Tanker JavaScript SDKs are constantly tested with all of the supported browsers via unit and functional tests.

We use BrowserStack to automate testing on many browser & OS combinations.

Other platforms

Tanker is also available for your mobile applications: use our open-source iOS and Android SDKs.

Contributing

We welcome feedback, bug reports, and bug fixes in the form of pull requests.

To build the JavaScript SDKs yourself, please follow the steps below.

Prerequisites

Install Yarn version 1.0 or greater.

Use this command to check the Yarn version installed on your system:

yarn -v

Install dependencies

Clone this repository:

git clone https://github.com/TankerHQ/sdk-js.git

Install dependencies:

cd sdk-js && yarn

Test and lint

Our codebase uses the following ES6 features: async / await, import / export, and classes with flow for type-checking and with eslint for linting.

To check that the code is correct and to launch the tests in Node.js, use:

yarn proof

Submit your pull request

Before submitting your pull request, please make sure that your changes pass the linters and that all the tests pass on your local machine.

For non-trivial changes, we highly recommend including extra tests.

When you’re ready, submit your pull request, targeting the master branch of this repository.

License

The Tanker JavaScript SDK is licensed under the Apache License, version 2.0.

comments powered by Disqus