File

src/shared/utils/encryption/providers/encryption-key-provider.interface.ts

Description

Interface for encryption key providers. Implementations fetch the encryption key from different sources at runtime.

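Security benefit: keys fetched at runtime are held only in process memory (RAM) instead of in environment variables, which can be read with the `env` command. This benefit presumably does not extend to the `"env"` source listed in `EncryptionKeySource` below, which by its name takes the key from the environment.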

Index

Properties
Methods

Methods

getKey
getKey()

Fetch the 256-bit encryption key. Called once at application startup.

Returns : Promise<Buffer>

32-byte Buffer (256 bits) for AES-256-GCM

Properties

name
name: string
Type : string

Name of the provider for logging/diagnostics.

export interface EncryptionKeyProvider {
    /**
     * Provider name, intended for logging/diagnostics.
     *
     * NOTE(review): because this value is meant to be logged, it should
     * identify the source only and never embed key material, tokens or
     * secret paths.
     */
    readonly name: string;

    /**
     * Retrieve the 256-bit encryption key. Per the contract this is
     * called once at application startup.
     *
     * NOTE(review): the return type is a plain Buffer, so the 32-byte
     * length is not enforced by the compiler. Callers should check
     * `key.length === 32` before handing the key to AES-256-GCM, and
     * should keep the Buffer out of logs and error messages.
     *
     * @returns 32-byte Buffer (256 bits) for AES-256-GCM
     */
    getKey(): Promise<Buffer>;
}

/**
 * Selects where the encryption key is loaded from.
 *
 * NOTE(review): "env" presumably reads the key from an environment
 * variable, which would leave the key visible in the process
 * environment. Confirm, and prefer one of the other sources outside
 * local development.
 */
export type EncryptionKeySource =
    | "env"
    | "vault"
    | "aws"
    | "azure";

/**
 * Injection token for the encryption key provider.
 *
 * NOTE(review): this is a plain string token; presumably the DI container
 * resolves providers by string equality, so another registration using the
 * same string could replace or shadow the key provider. Confirm the token
 * is registered in exactly one place.
 */
export const ENCRYPTION_KEY_PROVIDER = "ENCRYPTION_KEY_PROVIDER";
