expressjs
Added encryptStorage module
Added support for encryptStorage module and added it to the README.
It uses crypto.createCipher() using the 'AES-256-XTS cipher, with a 36 byte binary key, derived from cypto.randomBytes(). The key is returned to the client in the req.files.encryptKey as a hex string.
With the memory_only boolean (defaults to false) you'll decide to temporarily write to disk before encryption or not.
I'll do some more work on it hopefully verifying that randomBytes actually is a CPRNG, and maybe change it to createCipheriv().
As it is now, it works, and is reasonably secure.
Haven't updated the CHANGELOG or version number.
Correct me if I'm wrong, but the memory_only option doesn't at all seem to be doing what it says in the documentation?
Also, I'm not sure that this storage engine should live in multer rather than it's own repo, but let's start by reviewing the code and making sure all that is stellar before we make a decision on that...
I'll take a look at this tonight. Still learning about NodeJS and might have misunderstood how streams work. When I wrote this, I was under the impression that streams required that the entire object fit in memory. Recently, I'm not sure that my original impression is correct. If streams doesn't require the object to fit in memory, the memory_only function would be redundant.
I'll give it a shot tonight and fix it up.