diff --git a/package-lock.json b/package-lock.json index 7e476c00..a283313b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4011,6 +4011,14 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/@noble/ciphers": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.4.1.tgz", + "integrity": "sha512-QCOA9cgf3Rc33owG0AYBB9wszz+Ul2kramWN8tXG44Gyciud/tbkEqvxRF/IpqQaBpRBNi9f4jdNxqB2CQCIXg==", + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@noble/curves": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.2.0.tgz", @@ -4833,6 +4841,10 @@ "resolved": "packages/database", "link": true }, + "node_modules/@pluto-encrypted/encryption": { + "resolved": "packages/encryption", + "link": true + }, "node_modules/@pluto-encrypted/indexdb": { "resolved": "packages/indexdb", "link": true @@ -26318,33 +26330,74 @@ "@atala/prism-wallet-sdk": "^3.2.0" } }, + "packages/encryption": { + "name": "@pluto-encrypted/encryption", + "version": "0.0.0", + "license": "Apache-2.0", + "dependencies": { + "@noble/ciphers": "^0.4.1", + "@noble/curves": "^1.3.0", + "@noble/hashes": "^1.3.3", + "rxdb": "^14.17.0", + "uuid": "^9.0.1" + } + }, + "packages/encryption/node_modules/@noble/curves": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.3.0.tgz", + "integrity": "sha512-t01iSXPuN+Eqzb4eBX0S5oubSqXbK/xXa1Ne18Hj8f9pStxztHCE2gfboSp/dZRLSqfuLpRK2nDXDK+W9puocA==", + "dependencies": { + "@noble/hashes": "1.3.3" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, + "packages/encryption/node_modules/@noble/hashes": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.3.tgz", + "integrity": "sha512-V7/fPHgl+jsVPXqqeOzT8egNj2iBIVt+ECeMMG8TdcnTikP3oaBtUVqpT/gYCR68aEBJSF+XbYUxStjbFMqIIA==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "packages/indexdb": { "name": "@pluto-encrypted/indexdb", "version": "1.0.5", "license": "Apache-2.0", "dependencies": { + "@pluto-encrypted/encryption": "^0.0.0", "rxdb": "^14.17.0", "uuid": "^9.0.1" + }, + "devDependencies": { + "@pluto-encrypted/encryption": "../encryption" } }, "packages/inmemory": { "name": "@pluto-encrypted/inmemory", - "version": "1.0.6", + "version": "1.0.8", "license": "Apache-2.0", "dependencies": { + "@pluto-encrypted/encryption": "^0.0.0", "@pluto-encrypted/shared": "^1.0.1", "rxdb": "^14.17.0", "uuid": "^9.0.1" }, "devDependencies": { + "@pluto-encrypted/encryption": "../encryption", "@pluto-encrypted/shared": "../shared" } }, "packages/leveldb": { "name": "@pluto-encrypted/leveldb", - "version": "1.0.6", + "version": "1.0.8", "license": "Apache-2.0", "dependencies": { + "@pluto-encrypted/encryption": "^0.0.0", "@pluto-encrypted/shared": "^1.0.1", "level": "^6.0.1", "module-error": "^1.0.2", @@ -26354,6 +26407,7 @@ "uuid": "^9.0.1" }, "devDependencies": { + "@pluto-encrypted/encryption": "../encryption", "@pluto-encrypted/shared": "../shared" } }, diff --git a/packages/encryption/LICENSE b/packages/encryption/LICENSE new file mode 100644 index 00000000..216af719 --- /dev/null +++ b/packages/encryption/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright © 2021-2023 Input Output Global + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/encryption/README.md b/packages/encryption/README.md new file mode 100644 index 00000000..60587243 --- /dev/null +++ b/packages/encryption/README.md @@ -0,0 +1,2 @@ +# @pluto-encrypted/encryption +This is the encryption package for pluto encrypted database wrappers using secure implementation xchacha20poly1305. \ No newline at end of file diff --git a/packages/encryption/package.json b/packages/encryption/package.json new file mode 100644 index 00000000..76daaaec --- /dev/null +++ b/packages/encryption/package.json @@ -0,0 +1,39 @@ +{ + "name": "@pluto-encrypted/encryption", + "version": "0.0.0", + "description": "Encryption layer for pluto encrypted database engines", + "main": "./build/cjs/index.cjs", + "module": "./build/esm/index.mjs", + "types": "./build/index.d.ts", + "exports": { + ".": { + "import": "./build/esm/index.mjs", + "require": "./build/cjs/index.cjs" + } + }, + "publishConfig": { + "access": "public" + }, + "scripts": { + "prepublishOnly": "npm run build", + "clean-packages": "rm -rf node_modules && rm -rf build", + "build": "rm -rf build && npx rollup -c rollup/rollup.mjs" + }, + "repository": { + "type": "git", + "url": "https://github.com/elribonazo/pluto-encrypted.git" + }, + "author": "elribonazo@gmail.com", + "license": "Apache-2.0", + "dependencies": { + "@noble/ciphers": "^0.4.1", + "@noble/curves": "^1.3.0", + "@noble/hashes": "^1.3.3", + "rxdb": "^14.17.0", + "uuid": "^9.0.1" + }, + "files": [ + "build/*" + ], + "gitHead": "6aa4ce8bbb9938fc4c4e790efffa5b902631362c" +} \ No newline at end of file diff --git a/packages/encryption/rollup/rollup.mjs b/packages/encryption/rollup/rollup.mjs new file mode 100644 index 00000000..daa9c4e8 --- /dev/null +++ b/packages/encryption/rollup/rollup.mjs @@ -0,0 +1,5 @@ +import nodePolyfills from "rollup-plugin-polyfill-node"; + +import CreateConfig from "../../../rollup/index.mjs"; + +export default CreateConfig(undefined, [nodePolyfills()]); diff --git a/packages/encryption/src/index.ts b/packages/encryption/src/index.ts new file mode 100644 index 00000000..42a2de18 --- /dev/null +++ b/packages/encryption/src/index.ts @@ -0,0 +1,181 @@ +import { InternalStoreDocType, RxAttachmentWriteData, RxDocumentData, RxDocumentWriteData, RxJsonSchema, RxStorage, RxStorageInstanceCreationParams, b64DecodeUnicode, b64EncodeUnicode, clone, ensureNotFalsy, flatClone, getProperty, hasEncryption, newRxError, newRxTypeError, setProperty, wrapRxStorageInstance } from "rxdb"; + +import { sha256 } from '@noble/hashes/sha256'; +import { chacha20poly1305, xchacha20poly1305 } from '@noble/ciphers/chacha'; +import { managedNonce, randomBytes } from '@noble/ciphers/webcrypto/utils' +import { CipherWithOutput } from "@noble/ciphers/utils"; + + +export const MINIMUM_PASSWORD_LENGTH: 8 = 8; + +//We must keep nonce static to be able to restore the database later, user only has the password +const nonce = Buffer.from('b47e1d4e5f7377c2e80a19b8', 'hex') + +export function encryptString(chacha: CipherWithOutput, value: string, password: string): string { + const encrypted = chacha.encrypt(Buffer.from(value)); + return Buffer.from(encrypted).toString('hex'); +} + +export function decryptString(chacha: CipherWithOutput, cipherText: string, password: any): string { + /** + * Trying to decrypt non-strings + * will cause no errors and will be hard to debug. + * So instead we do this check here. + */ + if (typeof cipherText !== 'string') { + throw newRxError('SNH', { + args: { + cipherText + } + }); + } + const decrypted = chacha.decrypt(Buffer.from(cipherText, 'hex')); + const ret = Buffer.from(decrypted).toString(); + return ret; +} + +export type InternalStorePasswordDocType = InternalStoreDocType<{ + hash: string; +}>; + +export function wrappedKeyEncryptionStorage( + args: { + storage: RxStorage; + } +): RxStorage { + return Object.assign( + {}, + args.storage, + { + async createStorageInstance( + params: RxStorageInstanceCreationParams + ) { + if (typeof params.password !== 'undefined') { + validatePassword(params.password as any); + } + + if (!hasEncryption(params.schema)) { + const retInstance = await args.storage.createStorageInstance(params); + return retInstance; + } + + if (!params.password) { + throw newRxError('EN3', { + database: params.databaseName, + collection: params.collectionName, + schema: params.schema + }); + } + const password = params.password; + + const hashedPassword = sha256(password) + const chacha = chacha20poly1305(hashedPassword, nonce); + + const schemaWithoutEncrypted: RxJsonSchema> = clone(params.schema); + delete schemaWithoutEncrypted.encrypted; + if (schemaWithoutEncrypted.attachments) { + schemaWithoutEncrypted.attachments.encrypted = false; + } + + const instance = await args.storage.createStorageInstance( + Object.assign( + {}, + params, + { + schema: schemaWithoutEncrypted + } + ) + ); + + function modifyToStorage(docData: RxDocumentWriteData) { + docData = cloneWithoutAttachments(docData); + ensureNotFalsy(params.schema.encrypted) + .forEach(path => { + const value = getProperty(docData, path); + if (typeof value === 'undefined') { + return; + } + + const stringValue = JSON.stringify(value); + const encrypted = encryptString(chacha, stringValue, password); + setProperty(docData, path, encrypted); + }); + + // handle attachments + if ( + params.schema.attachments && + params.schema.attachments.encrypted + ) { + const newAttachments: typeof docData._attachments = {}; + Object.entries(docData._attachments).forEach(([id, attachment]) => { + const useAttachment: RxAttachmentWriteData = flatClone(attachment) as any; + if (useAttachment.data) { + const dataString = useAttachment.data; + useAttachment.data = b64EncodeUnicode(encryptString(chacha, dataString, password)); + } + newAttachments[id] = useAttachment; + }); + docData._attachments = newAttachments; + } + return docData; + } + function modifyFromStorage(docData: RxDocumentData): Promise> { + docData = cloneWithoutAttachments(docData); + ensureNotFalsy(params.schema.encrypted) + .forEach(path => { + const value = getProperty(docData, path); + if (typeof value === 'undefined') { + return; + } + const decrypted = decryptString(chacha, value, password); + const decryptedParsed = JSON.parse(decrypted); + setProperty(docData, path, decryptedParsed); + }); + return docData; + } + + function modifyAttachmentFromStorage(attachmentData: string): string { + if ( + params.schema.attachments && + params.schema.attachments.encrypted + ) { + const decrypted = decryptString(chacha, b64DecodeUnicode(attachmentData), password); + return decrypted; + } else { + return attachmentData; + } + } + + return wrapRxStorageInstance( + instance, + modifyToStorage, + modifyFromStorage, + modifyAttachmentFromStorage + ); + } + } + ); +} + +function cloneWithoutAttachments(data: RxDocumentWriteData): RxDocumentData { + const attachments = data._attachments; + data = flatClone(data); + delete (data as any)._attachments; + data = clone(data); + data._attachments = attachments; + return data as any; +} + +function validatePassword(password: string) { + if (typeof password !== 'string') { + throw newRxTypeError('EN1', { + password + }); + } + if (password.length < MINIMUM_PASSWORD_LENGTH) { + throw newRxError('EN2', { + minPassLength: MINIMUM_PASSWORD_LENGTH, + password + }); + } +} diff --git a/packages/encryption/tsconfig.json b/packages/encryption/tsconfig.json new file mode 100644 index 00000000..99c2653a --- /dev/null +++ b/packages/encryption/tsconfig.json @@ -0,0 +1,10 @@ +{ + "extends": "../../tsconfig.json", + "compilerOptions": { + "rootDir": "./src", + "declarationDir": "./build", + }, + "include": [ + "src" + ] +} \ No newline at end of file diff --git a/packages/indexdb/package.json b/packages/indexdb/package.json index cb5f7bdf..94f220ba 100644 --- a/packages/indexdb/package.json +++ b/packages/indexdb/package.json @@ -27,10 +27,14 @@ "license": "Apache-2.0", "dependencies": { "rxdb": "^14.17.0", - "uuid": "^9.0.1" + "uuid": "^9.0.1", + "@pluto-encrypted/encryption": "^0.0.0" + }, + "devDependencies": { + "@pluto-encrypted/encryption": "../encryption" }, "files": [ "build/*" ], "gitHead": "6aa4ce8bbb9938fc4c4e790efffa5b902631362c" -} +} \ No newline at end of file diff --git a/packages/indexdb/src/index.ts b/packages/indexdb/src/index.ts index ce9728b9..b55a4e8f 100644 --- a/packages/indexdb/src/index.ts +++ b/packages/indexdb/src/index.ts @@ -1,8 +1,8 @@ +import { wrappedKeyEncryptionStorage } from "@pluto-encrypted/encryption"; import { RxStorage } from "rxdb"; import { getRxStorageDexie } from "rxdb/plugins/storage-dexie"; -import { wrappedKeyEncryptionCryptoJsStorage } from "rxdb/plugins/encryption-crypto-js"; -const storage: RxStorage = wrappedKeyEncryptionCryptoJsStorage({ +const storage: RxStorage = wrappedKeyEncryptionStorage({ storage: getRxStorageDexie(), }) diff --git a/packages/inmemory/package.json b/packages/inmemory/package.json index 811a0840..5bf1917b 100644 --- a/packages/inmemory/package.json +++ b/packages/inmemory/package.json @@ -27,14 +27,16 @@ "license": "Apache-2.0", "dependencies": { "@pluto-encrypted/shared": "^1.0.1", + "@pluto-encrypted/encryption": "^0.0.0", "rxdb": "^14.17.0", "uuid": "^9.0.1" }, "devDependencies": { - "@pluto-encrypted/shared": "../shared" + "@pluto-encrypted/shared": "../shared", + "@pluto-encrypted/encryption": "../encryption" }, "files": [ "build/*" ], "gitHead": "adf50b6a30f1ca6fe207aac5b5bb74ad1aba6c47" -} +} \ No newline at end of file diff --git a/packages/inmemory/src/index.ts b/packages/inmemory/src/index.ts index 70408bb1..64fc5e27 100644 --- a/packages/inmemory/src/index.ts +++ b/packages/inmemory/src/index.ts @@ -1,10 +1,10 @@ -import { wrappedKeyEncryptionCryptoJsStorage } from "rxdb/plugins/encryption-crypto-js"; import { RxStorage, RxStorageDefaultStatics, RxStorageInstance, RxStorageInstanceCreationParams } from "rxdb"; import { InMemorySettings, InMemoryStorageInternals, RxStorageInMemoryType } from "./inMemoryStorage/types"; import { RxStorageIntanceInMemory } from "./inMemoryStorage/instance"; import { InMemoryInternal } from "./inMemoryStorage/internal"; +import { wrappedKeyEncryptionStorage } from "@pluto-encrypted/encryption"; let inMemoryInstance: RxStorageInMemoryType; let internalInstance: InMemoryInternal @@ -36,7 +36,7 @@ function getRxStorageMemory(settings: InMemorySettings = {}): RxStora return inMemoryInstance } -const storage: RxStorage = wrappedKeyEncryptionCryptoJsStorage({ +const storage: RxStorage = wrappedKeyEncryptionStorage({ storage: getRxStorageMemory() }) diff --git a/packages/leveldb/package.json b/packages/leveldb/package.json index ff494d87..7a35c423 100644 --- a/packages/leveldb/package.json +++ b/packages/leveldb/package.json @@ -30,6 +30,7 @@ "license": "Apache-2.0", "dependencies": { "@pluto-encrypted/shared": "^1.0.1", + "@pluto-encrypted/encryption": "^0.0.0", "level": "^6.0.1", "module-error": "^1.0.2", "pull-level": "^2.0.4", @@ -38,10 +39,11 @@ "uuid": "^9.0.1" }, "devDependencies": { - "@pluto-encrypted/shared": "../shared" + "@pluto-encrypted/shared": "../shared", + "@pluto-encrypted/encryption": "../encryption" }, "files": [ "build/*" ], "gitHead": "6aa4ce8bbb9938fc4c4e790efffa5b902631362c" -} +} \ No newline at end of file diff --git a/packages/leveldb/src/index.ts b/packages/leveldb/src/index.ts index fd1564ca..4594cf6f 100644 --- a/packages/leveldb/src/index.ts +++ b/packages/leveldb/src/index.ts @@ -1,9 +1,9 @@ -import { wrappedKeyEncryptionCryptoJsStorage } from "rxdb/plugins/encryption-crypto-js"; import { RxStorage, RxStorageDefaultStatics, RxStorageInstance, RxStorageInstanceCreationParams } from "rxdb"; import { LevelDBInternalConstructor, LevelDBSettings, LevelDBStorageInternals, RxStorageLevelDBType } from "./leveldb/types"; import { RxStorageIntanceLevelDB } from "./leveldb/instance"; import { LevelDBInternal } from "./leveldb/internal"; +import { wrappedKeyEncryptionStorage } from "@pluto-encrypted/encryption"; let internalInstance: LevelDBInternal @@ -67,7 +67,7 @@ function getRxStorageLevel(settings: LevelDBSettings): RxStorageLevel export function createLevelDBStorage(settings: LevelDBSettings) { - const storage: RxStorage = wrappedKeyEncryptionCryptoJsStorage({ + const storage: RxStorage = wrappedKeyEncryptionStorage({ storage: getRxStorageLevel(settings) }) return storage diff --git a/rollup/index.mjs b/rollup/index.mjs index 4da63474..557fc4dc 100644 --- a/rollup/index.mjs +++ b/rollup/index.mjs @@ -22,7 +22,11 @@ const externals = [ "@pluto-encrypted/shared", "level", "pull-stream", - "pull-level" + "pull-level", + "@noble/hashes/sha256", + "@noble/ciphers/chacha", + "@noble/ciphers/webcrypto/utils", + "@pluto-encrypted/encryption" ]; export default function CreateConfig(buildPath, plugins = [], extraInputs = []) {