@tsmx/secure-config-tool - npm Package Compare versions

Comparing version 1.2.0 to 1.2.1

functions/create-file.js

		@@ -8,10 +8,6 @@ const fs = require('fs');
		function patternMatch(value, patterns) {
		result = false;
		patterns.forEach((pattern) => {
		return patterns.some((pattern) => {
		let regEx = new RegExp(pattern, 'i');
		if (regEx.test(value)) {
		result = true;
		}
		return regEx.test(value);
		});
		return result;
		}
		@@ -39,7 +35,7 @@
		}
		}
		};
		let configFile = fs.readFileSync(file);
		let config = JSON.parse(configFile);
		jt.traverse(config, callbacks, true);
		console.log(JSON.stringify(config, null, 4));
		console.log(JSON.stringify(config, null, 2));
		};

package.json

		{
		"name": "@tsmx/secure-config-tool",
		"version": "1.2.0",
		"version": "1.2.1",
		"description": "Tool for generating encrypted secure-config entries.",
		@@ -5,0 +5,0 @@ "main": "secure-config-tool.js",

secure-config-tool.js

		@@ -28,5 +28,5 @@ #!/usr/bin/env node
		console.log('');
		console.log('If no patterns are specified with the -p option then the default patterns are used: \'user\',\'pass\',\'token\'.')
		console.log('If no patterns are specified with the -p option then the default patterns are used: \'user\',\'pass\',\'token\'.');
		console.log('For every supplied pattern a case-insensitive regex match will be done for every key of the original JSON.');
		console.log('If the match succeeds, the value of the key will be encrypted.')
		console.log('If the match succeeds, the value of the key will be encrypted.');
		console.log('');
		@@ -33,0 +33,0 @@ console.log('Examples:');

test/secure-config-tool.test.js

		@@ -9,2 +9,3 @@ describe('secure-config-tool test suite', () => {
		const TEST_KEY = 'iC771qNLe+OGVcduw8fqpDIIK7lK0T5p';
		const TEST_KEY_HEX = '9af7d400be4705147dc724db25bfd2513aa11d6013d7bf7bdb2bfe050593bd0f';
		const TEST_KEY_BROKEN = 'iC771qNLe+OGVcduw8fqpDIIK7lK0T';
		@@ -102,3 +103,3 @@ const TEST_SECRET = 'MySecret123$';
		it('tests a successful key retrieval for a hexadecimal string', async (done) => {
		process.env['CONFIG_ENCRYPTION_KEY'] = '9af7d400be4705147dc724db25bfd2513aa11d6013d7bf7bdb2bfe050593bd0f';
		process.env['CONFIG_ENCRYPTION_KEY'] = TEST_KEY_HEX;
		const crypt = require('../utils/crypt');
		@@ -108,3 +109,3 @@ expect(testOutput.length).toBe(0);
		expect(key).toBeDefined();
		expect(key.length).toBe(32);
		expect(key.length).toBe(64);
		expect(testOutput.length).toBe(1);
		@@ -196,3 +197,3 @@ expect(testOutput[0].startsWith('CONFIG_ENCRYPTION_KEY found')).toBeTruthy();

		it('tests a failed command line secret decryption bevause of a broken secret', async (done) => {
		it('tests a failed command line secret decryption because of a broken secret', async (done) => {
		const mockExit = jest.spyOn(process, 'exit')
		@@ -212,3 +213,3 @@ .mockImplementation((number) => { throw new Error('process.exit: ' + number); });

		it('tests a failed command line secret decryption bevause of a missing key', async (done) => {
		it('tests a failed command line secret decryption because of a missing key', async (done) => {
		const mockExit = jest.spyOn(process, 'exit')
		@@ -254,2 +255,29 @@ .mockImplementation((number) => { throw new Error('process.exit: ' + number); });

		it('tests a successful command line file encryption with a hex key and default patterns', async (done) => {
		process.env['CONFIG_ENCRYPTION_KEY'] = TEST_KEY_HEX;
		const createFile = require('../functions/create-file');
		createFile('./test/testfiles/config.json');
		expect(testOutput.length).toBe(1);
		let encryptedJson = JSON.parse(testOutput[0]);
		expect(encryptedJson).toBeDefined();
		expect(encryptedJson.database).toBeDefined();
		expect(encryptedJson.database.host).toBeDefined();
		expect(encryptedJson.database.host).toBe('127.0.0.1');
		expect(encryptedJson.database.username).toBeDefined();
		expect(encryptedJson.database.username).not.toBe('SecretDbUser');
		let usenameParts = encryptedJson.database.username.split('\|');
		expect(usenameParts.length).toBe(3);
		expect(usenameParts[0]).toBe('ENCRYPTED');
		expect(hexReg.test(usenameParts[1])).toBeTruthy();
		expect(hexReg.test(usenameParts[2])).toBeTruthy();
		expect(encryptedJson.database.password).toBeDefined();
		expect(encryptedJson.database.password).not.toBe('SecretDbPassword');
		let passwordParts = encryptedJson.database.password.split('\|');
		expect(passwordParts.length).toBe(3);
		expect(passwordParts[0]).toBe('ENCRYPTED');
		expect(hexReg.test(passwordParts[1])).toBeTruthy();
		expect(hexReg.test(passwordParts[2])).toBeTruthy();
		done();
		});

		it('tests a successful command line file encryption with custom patterns', async (done) => {
		@@ -256,0 +284,0 @@ process.env['CONFIG_ENCRYPTION_KEY'] = TEST_KEY;

utils/crypt.js

		@@ -12,8 +12,5 @@ const crypto = require('crypto');
		}
		else if (process.env.CONFIG_ENCRYPTION_KEY.toString().length == 32) {
		result = Buffer.from(process.env.CONFIG_ENCRYPTION_KEY);
		else if (process.env.CONFIG_ENCRYPTION_KEY.toString().length == 32 \|\| hexReg.test(process.env.CONFIG_ENCRYPTION_KEY.toString())) {
		result = process.env.CONFIG_ENCRYPTION_KEY.toString();
		}
		else if (hexReg.test(process.env.CONFIG_ENCRYPTION_KEY)) {
		result = Buffer.from(process.env.CONFIG_ENCRYPTION_KEY, 'hex');
		}
		else {
		@@ -23,3 +20,3 @@ throw new Error('CONFIG_ENCRYPTION_KEY length must be 32 bytes.');
		if (verbose) {
		console.log('CONFIG_ENCRYPTION_KEY found, using key: **************************' + process.env.CONFIG_ENCRYPTION_KEY.toString().slice(26));
		console.log('CONFIG_ENCRYPTION_KEY found, using key: **************************' + result.slice(result.length - 6));
		}
		@@ -26,0 +23,0 @@ return result;

@tsmx/secure-config-tool - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics