Overview · FileKit · Core · Identity · Browser support · Other platforms · Contributing · License
Tanker is an open-source solution to protect sensitive data in any application, with a simple end-user experience and good performance. No cryptographic skills are required to implement it.
Tanker FileKit is an end-to-end encrypted file storage service for apps.
Tanker FileKit transfers and stores files in the cloud. The files are encrypted in the browser before being uploaded, and can only be downloaded by the owner and recipients, completely transparently.
It wraps Tanker Core and Tanker VerificationUI in a single easy-to-use to use package.
Tanker FileKit usage example
This is a simple example using FileKit:
import FileKit from '@tanker/filekit';
const fileKit = new FileKit({ appId });
// Retrieve the private identities from your server (or use FakeAuthentication, see below)
const email = 'alice@example.com';
const privateIdentity = { permanentIdentity, provisionalIdentity };
// Start a FileKit session:
// * a verification UI will be automatically displayed if needed
// * when start() resolves, the FileKit session is ready
await fileKit.start(email, privateIdentity);
// Encrypt the clear file locally and upload it to the cloud:
const fileId = await fileKit.upload(file, { shareWithUsers, shareWithGroups });
// Download and decrypt the file locally:
const file = await fileKit.download(fileId);
Package | Version |
---|---|
@tanker/filekit |
Tanker Core is the foundation, it provides powerful end-to-end encryption of any type of data, textual or binary. Tanker Core handles multi-device, identity verification, user groups and pre-registration sharing.
Package | Version |
---|---|
@tanker/client-browser | |
@tanker/client-node |
Detailed changes for each release are documented in the Release Notes.
Tanker Core usage example
The Core SDK takes care of all the difficult cryptography in the background, leaving you with simple high-level APIs:
import { Tanker } from '@tanker/client-browser';
// Initialize the isolated Tanker environment within your application
const tanker = new Tanker({ appId: '...' });
// Start a session with the user's cryptographic identity
await tanker.start(aliceIdentity);
// Encrypt data and share it with separate recipients or groups
const encryptedMessage = await tanker.encrypt(
"It's a secret to everybody",
{ shareWithUsers: [bobIdentity] }
);
// Decrypt data (or throw if not a legitimate recipient)
const message = await tanker.decrypt(encryptedMessage);
The Core SDK automatically handles complex key exchanges, cryptographic operations, and identity verification for you.
For more details and advanced examples, please refer to:
Or fiddle with the quickstart examples to see the Tanker SDKs integrated in a collection of demo apps.
End-to-end encryption requires that all users have cryptographic identities. The following packages help to handle them:
Tanker Identity is a server side package to link Tanker identities with your users in your application backend. It is available in multiple languages. This repository only contains the Javascript version.
Tanker Verification UI is a UI element that wraps a Tanker Core instance in order to handle the verification process automatically. It takes the form of a modal that will appear when needed, send the verification code by email to the user, and prompt them to verify their identity with the code.
Tanker Fake Authentication reduces the friction when starting new projects, by delaying the integration of Tanker Identity in your application server.
Package | Version |
---|---|
@tanker/identity | |
@tanker/verification-ui | |
@tanker/fake-authentication |
The Tanker JavaScript SDKs support the following platforms:
- Chrome, Firefox, Safari, Microsoft Edge, and Internet Explorer 11
- Node.js 8+
The Tanker JavaScript SDKs are constantly tested with all of the supported browsers via unit and functional tests.
We use BrowserStack to automate testing on many browser & OS combinations.
Tanker is also available for your mobile applications: use our open-source iOS and Android SDKs.
We welcome feedback, bug reports, and bug fixes in the form of pull requests.
To build the JavaScript SDKs yourself, please follow the steps below.
Install Yarn version 1.0 or greater.
Use this command to check the Yarn version installed on your system:
yarn -v
Clone this repository:
git clone https://github.com/TankerHQ/sdk-js.git
Install dependencies:
cd sdk-js && yarn
Our codebase uses the following ES6 features: async
/ await
, import
/ export
, and classes with flow for type-checking and with eslint for linting.
To check that the code is correct and to launch the tests in Node.js, use:
yarn proof
Before submitting your pull request, please make sure that your changes pass the linters and that all the tests pass on your local machine.
For non-trivial changes, we highly recommend including extra tests.
When you're ready, submit your pull request, targeting the master
branch of this repository.
The Tanker JavaScript SDK is licensed under the Apache License, version 2.0.