yaml-crypt
Advanced tools
Comparing version 0.1.2 to 0.2.0
@@ -10,4 +10,3 @@ { | ||
"env": { | ||
"node": true, | ||
"es6": true | ||
"node": true | ||
}, | ||
@@ -14,0 +13,0 @@ "rules": { |
@@ -129,2 +129,6 @@ #!/usr/bin/env node | ||
}); | ||
parser.addArgument(['-a', '--algorithm'], { | ||
metavar: '<algorithm>', | ||
help: 'The encryption algorithm to use. Must be one of "fernet" (default) or "branca"' | ||
}); | ||
parser.addArgument(['-E', '--edit'], { | ||
@@ -196,2 +200,12 @@ action: 'storeTrue', | ||
function _run(args, config, options) { | ||
let algorithm = null; | ||
for (const a of yamlcrypt.algorithms) { | ||
if (a === args.algorithm || a.startsWith(`${args.algorithm}:`)) { | ||
algorithm = a; | ||
break; | ||
} | ||
} | ||
if (args.algorithm && !algorithm) { | ||
throw new UsageError(`unknown encryption algorithm: ${args.algorithm}`); | ||
} | ||
const keys = []; | ||
@@ -235,7 +249,7 @@ if (args.key || args.key_fd) { | ||
for (const file of args.file) { | ||
editFile(file, keys, args, config); | ||
editFile(file, keys, algorithm, args, config); | ||
} | ||
} else if (args.file.length) { | ||
for (const file of args.file) { | ||
processFileArg(file, keys, args); | ||
processFileArg(file, keys, algorithm, args); | ||
} | ||
@@ -251,2 +265,5 @@ } else { | ||
} | ||
if (encrypt && keys.length > 1) { | ||
throw new UsageError(`encrypting, but more than one key given!`); | ||
} | ||
let input; | ||
@@ -264,9 +281,10 @@ if (options.stdin) { | ||
} | ||
const opts = { 'base64': args.base64, 'algorithm': algorithm }; | ||
if (args.raw) { | ||
if (encrypt) { | ||
const crypt = yamlcrypt.encrypt(keys[0], { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.encrypt(keys[0], opts); | ||
output.write(crypt.encryptRaw(input)); | ||
output.write('\n'); | ||
} else { | ||
const crypt = yamlcrypt.decrypt(keys[0], { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.decrypt(keys[0], opts); | ||
let result = crypt.decryptRaw(input); | ||
@@ -278,3 +296,3 @@ output.write(result); | ||
if (encrypt) { | ||
const crypt = yamlcrypt.encrypt(keys[0], { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.encrypt(keys[0], opts); | ||
yaml.safeLoadAll(input, obj => { | ||
@@ -286,3 +304,3 @@ yamlcryptHelper.processStrings(obj, args.path, str => new yamlcrypt.Plaintext(str)); | ||
} else { | ||
const crypt = yamlcrypt.decrypt(keys[0], { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.decrypt(keys[0], opts); | ||
crypt.safeLoadAll(input, obj => strs.push(yaml.safeDump(obj))); | ||
@@ -335,3 +353,3 @@ } | ||
function processFileArg(file, keys, args) { | ||
function processFileArg(file, keys, algorithm, args) { | ||
const stat = fs.statSync(file); | ||
@@ -350,3 +368,3 @@ if (stat.isDirectory()) { | ||
}) | ||
.forEach(f => processFile(file + '/' + f, keys, args)); | ||
.forEach(f => processFile(file + '/' + f, keys, algorithm, args)); | ||
} else { | ||
@@ -356,7 +374,7 @@ throw new UsageError(`directories will be skipped unless --dir given: ${file}`); | ||
} else { | ||
processFile(file, keys, args); | ||
processFile(file, keys, algorithm, args); | ||
} | ||
} | ||
function processFile(file, keys, args) { | ||
function processFile(file, keys, algorithm, args) { | ||
let encrypt; | ||
@@ -393,7 +411,5 @@ if (plaintextFile(file)) { | ||
let strs = []; | ||
const opts = { 'base64': args.base64, 'algorithm': algorithm }; | ||
if (encrypt) { | ||
if (keys.length > 1) { | ||
console.warn('warning: multiple keys given, using first key for encryption!'); | ||
} | ||
const crypt = yamlcrypt.encrypt(keys[0], { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.encrypt(keys[0], opts); | ||
yaml.safeLoadAll(content, obj => { | ||
@@ -409,3 +425,3 @@ yamlcryptHelper.processStrings(obj, args.path, str => new yamlcrypt.Plaintext(str)); | ||
strs = []; | ||
const crypt = yamlcrypt.decrypt(key, { 'base64': args.base64 }); | ||
const crypt = yamlcrypt.decrypt(key, opts); | ||
crypt.safeLoadAll(content, obj => strs.push(yaml.safeDump(obj))); | ||
@@ -428,3 +444,3 @@ success = true; | ||
function editFile(file, keys, args, config) { | ||
function editFile(file, keys, algorithm, args, config) { | ||
let content; | ||
@@ -445,3 +461,3 @@ try { | ||
const opts = { 'base64': args.base64 }; | ||
const opts = { 'base64': args.base64, 'algorithm': algorithm }; | ||
const transformed = yamlcryptHelper.transform(content, keys, opts, str => { | ||
@@ -448,0 +464,0 @@ const tmpFile = tmp.fileSync({ 'dir': dir, 'postfix': '.yaml' }); |
const URLSafeBase64 = require('urlsafe-base64'); | ||
const fernet = require('fernet'); | ||
const branca = require('branca'); | ||
const brancaDefaults = { | ||
'ts': undefined, | ||
'nonce': undefined | ||
}; | ||
/** | ||
* Encrypts the message with the given key. | ||
* @param {string} key Key to use for encryption, must be exactly 32 bits when encoded in UTF-8 | ||
* @param {string} key Key to use for encryption, must be exactly 32 bytes when encoded in UTF-8 | ||
* @param {string} msg String message to encrypt | ||
@@ -18,3 +24,3 @@ * @returns {string} Base64-encoded encrypted string | ||
* Decrypts the message with the given key. | ||
* @param {string} key Key to use for decryption, must be exactly 32 bits when encoded in UTF-8 | ||
* @param {string} key Key to use for decryption, must be exactly 32 bytes when encoded in UTF-8 | ||
* @param {string} msg Base64 encoded message to decrypt | ||
@@ -34,3 +40,28 @@ * @returns {string} Plain text string | ||
/** | ||
* Encrypts the message with the given key. | ||
* @param {string} key Key to use for encryption, must be exactly 32 bytes when encoded in UTF-8 | ||
* @param {string} msg String message to encrypt | ||
* @returns {string} Base62-encoded encrypted string | ||
*/ | ||
function brancaEncrypt(key, msg) { | ||
return branca(key).encode(msg, brancaDefaults.ts, brancaDefaults.nonce); | ||
} | ||
/** | ||
* Decrypts the message with the given key. | ||
* @param {string} key Key to use for decryption, must be exactly 32 bytes when encoded in UTF-8 | ||
* @param {string} msg Base62 encoded message to decrypt | ||
* @returns {string} Plain text string | ||
*/ | ||
function brancaDecrypt(key, msg) { | ||
const payload = branca(key).decode(msg); | ||
return payload.toString(); | ||
} | ||
module.exports.fernetEncrypt = fernetEncrypt; | ||
module.exports.fernetDecrypt = fernetDecrypt; | ||
module.exports.brancaDefaults = brancaDefaults; | ||
module.exports.brancaEncrypt = brancaEncrypt; | ||
module.exports.brancaDecrypt = brancaDecrypt; |
@@ -71,3 +71,3 @@ const yaml = require('js-yaml'); | ||
processValues(obj, null, v => v instanceof yamlcrypt.Plaintext, t => { | ||
const knownText = new _KnownText(t, index++); | ||
const knownText = new _KnownText(t, index++, t.algorithm); | ||
types.push(_knownTextType(key, knownText)); | ||
@@ -91,5 +91,6 @@ return knownText; | ||
class _KnownText { | ||
constructor(plaintext, index) { | ||
constructor(plaintext, index, algorithm) { | ||
this.plaintext = plaintext; | ||
this.index = index; | ||
this.algorithm = algorithm; | ||
} | ||
@@ -108,3 +109,3 @@ } | ||
} else { | ||
return new yamlcrypt.Plaintext(data); | ||
return new yamlcrypt.Plaintext(data, null, knownText.algorithm); | ||
} | ||
@@ -111,0 +112,0 @@ } |
@@ -6,2 +6,3 @@ const yaml = require('js-yaml'); | ||
const ALGORITHM_FERNET = 'fernet:0x80'; | ||
const ALGORITHM_BRANCA = 'branca:0xBA'; | ||
const DEFAULT_ALGORITHM = ALGORITHM_FERNET; | ||
@@ -12,3 +13,3 @@ | ||
*/ | ||
const algorithms = [ALGORITHM_FERNET]; | ||
const algorithms = [ALGORITHM_FERNET, ALGORITHM_BRANCA]; | ||
@@ -19,4 +20,4 @@ /** | ||
class Plaintext { | ||
constructor(plaintext, ciphertext = null, algorithm = DEFAULT_ALGORITHM) { | ||
if (algorithm !== ALGORITHM_FERNET) { | ||
constructor(plaintext, ciphertext = null, algorithm = null) { | ||
if (algorithm && !algorithms.includes(algorithm)) { | ||
throw new Error(`unsupported algorithm: ${algorithm}`); | ||
@@ -38,4 +39,4 @@ } | ||
class Ciphertext { | ||
constructor(ciphertext, algorithm = DEFAULT_ALGORITHM) { | ||
if (algorithm !== ALGORITHM_FERNET) { | ||
constructor(ciphertext, algorithm = null) { | ||
if (algorithm && !algorithms.includes(algorithm)) { | ||
throw new Error(`unsupported algorithm: ${algorithm}`); | ||
@@ -64,11 +65,16 @@ } | ||
opts = opts || {}; | ||
const algorithm = opts.algorithm || DEFAULT_ALGORITHM; | ||
const objects = opts.objects; | ||
const base64 = opts.base64; | ||
this.type = _type(key, algorithm, objects, base64); | ||
this.schema = yaml.Schema.create([this.type]); | ||
this.algorithm = opts.algorithm || DEFAULT_ALGORITHM; | ||
this.types = _types(key, this.algorithm, objects, base64); | ||
this.schema = yaml.Schema.create(this.types); | ||
} | ||
encryptRaw(str) { | ||
return this.type.represent(str); | ||
for (const type of this.types) { | ||
if (type.algorithm === this.algorithm) { | ||
return type.represent(str); | ||
} | ||
} | ||
throw new Error('No type found for algorithm: ' + this.algorithm); | ||
} | ||
@@ -108,11 +114,17 @@ | ||
opts = opts || {}; | ||
const algorithm = opts.algorithm || DEFAULT_ALGORITHM; | ||
const objects = opts.objects; | ||
const base64 = opts.base64; | ||
this.type = _type(key, algorithm, objects, base64); | ||
this.schema = yaml.Schema.create([this.type]); | ||
this.types = _types(key, null, objects, base64); | ||
this.schema = yaml.Schema.create(this.types); | ||
} | ||
decryptRaw(str) { | ||
return this.type.construct(str); | ||
for (const type of this.types) { | ||
try { | ||
return type.construct(str); | ||
} catch (e) { | ||
continue; | ||
} | ||
} | ||
throw new Error('No algorithm found to decrypt message!'); | ||
} | ||
@@ -133,12 +145,20 @@ | ||
function _type(key, algorithm, objects, base64) { | ||
if (algorithm === ALGORITHM_FERNET) { | ||
return _fernetType(key, objects, base64); | ||
} else { | ||
throw new Error(`unsupported algorithm: ${algorithm}`); | ||
} | ||
/** | ||
* Return an array of custom Yaml types | ||
* @param {string} key Encryption/decryption key | ||
* @param {string} defaultAlgorithm Default algorithm | ||
* @param {boolean} objects Should objects or strings be returned? | ||
* @param {boolean} base64 Should the strings be base64 encoded? | ||
*/ | ||
function _types(key, defaultAlgorithm, objects, base64) { | ||
defaultAlgorithm = defaultAlgorithm || DEFAULT_ALGORITHM; | ||
const fernet = _cryptoType(ALGORITHM_FERNET, key, defaultAlgorithm === ALGORITHM_FERNET, | ||
objects, base64, crypto.fernetEncrypt, crypto.fernetDecrypt); | ||
const branca = _cryptoType(ALGORITHM_BRANCA, key, defaultAlgorithm === ALGORITHM_BRANCA, | ||
objects, base64, crypto.brancaEncrypt, crypto.brancaDecrypt); | ||
return [fernet, branca]; | ||
} | ||
function _fernetType(key, objects, base64) { | ||
return new yaml.Type('!yaml-crypt/' + ALGORITHM_FERNET, { | ||
function _cryptoType(algorithm, key, isDefault, objects, base64, encrypt, decrypt) { | ||
const type = new yaml.Type('!yaml-crypt/' + algorithm, { | ||
kind: 'scalar', | ||
@@ -148,6 +168,9 @@ instanceOf: Plaintext, | ||
construct: data => { | ||
const decrypted = crypto.fernetDecrypt(key, data); | ||
const decrypted = decrypt(key, data); | ||
const decoded = (base64 ? new Buffer(decrypted, 'base64').toString() : decrypted); | ||
return (objects ? new Plaintext(decoded, data) : decoded); | ||
return (objects ? new Plaintext(decoded, data, algorithm) : decoded); | ||
}, | ||
predicate: data => { | ||
return data.algorithm === algorithm || (!data.algorithm && isDefault); | ||
}, | ||
represent: data => { | ||
@@ -160,3 +183,3 @@ let encrypted; | ||
const encoded = (base64 ? new Buffer(str).toString('base64') : str); | ||
encrypted = crypto.fernetEncrypt(key, encoded); | ||
encrypted = encrypt(key, encoded); | ||
} | ||
@@ -166,2 +189,4 @@ return (objects ? new Ciphertext(encrypted) : encrypted); | ||
}); | ||
type.algorithm = algorithm; | ||
return type; | ||
} | ||
@@ -168,0 +193,0 @@ |
{ | ||
"name": "yaml-crypt", | ||
"version": "0.1.2", | ||
"version": "0.2.0", | ||
"description": "Encrypt and decrypt YAML documents", | ||
@@ -18,4 +18,5 @@ "license": "MIT", | ||
"argparse": "^1.0.7", | ||
"branca": "^0.2.0", | ||
"fernet": "^0.3.1", | ||
"js-yaml": "^3.9.1", | ||
"js-yaml": "^3.11.0", | ||
"pkginfo": "^0.4.1", | ||
@@ -34,5 +35,5 @@ "tmp": "^0.0.33", | ||
"eslint": "^4.10.0", | ||
"mocha": "^4.0.1", | ||
"nyc": "^11.3.0" | ||
"mocha": "^5.1.0", | ||
"nyc": "^11.6.0" | ||
} | ||
} |
# yaml-crypt | ||
[![Build Status](https://img.shields.io/travis/pascalgn/yaml-crypt.svg?style=flat-square)](https://travis-ci.org/pascalgn/yaml-crypt) [![Coverage status](https://img.shields.io/coveralls/github/pascalgn/yaml-crypt.svg?style=flat-square)](https://coveralls.io/github/pascalgn/yaml-crypt) [![NPM version](https://img.shields.io/npm/v/yaml-crypt.svg?style=flat-square)](https://www.npmjs.org/package/yaml-crypt) | ||
[![Build Status](https://img.shields.io/travis/pascalgn/yaml-crypt.svg?style=flat-square)](https://travis-ci.org/pascalgn/yaml-crypt) | ||
[![Coverage status](https://img.shields.io/coveralls/github/pascalgn/yaml-crypt.svg?style=flat-square)](https://coveralls.io/github/pascalgn/yaml-crypt) | ||
[![License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)](LICENSE) | ||
@@ -23,4 +25,6 @@ Command line utility to encrypt and decrypt YAML documents. | ||
First you will need to generate a key file. Currently, only the [Fernet](https://github.com/fernet/spec/blob/master/Spec.md) | ||
encryption scheme is supported, so you will need a key with exactly 32 bytes. | ||
First you will need to generate a key file. Currently, | ||
both [Fernet](https://github.com/fernet/spec/blob/master/Spec.md) | ||
and [Branca](https://branca.io/) encryption schemes are supported, | ||
so you will need a key with exactly 32 bytes. | ||
The easiest way is to use the [pwgen](https://linux.die.net/man/1/pwgen) command: | ||
@@ -27,0 +31,0 @@ |
@@ -9,6 +9,6 @@ const mocha = require('mocha'); | ||
require('./crypto-util').setupFernet(); | ||
require('./crypto-util').setupCrypto(); | ||
describe('crypto', () => { | ||
it('should return the encrypted content', () => { | ||
it('should return the encrypted content (fernet)', () => { | ||
const result = crypto.fernetEncrypt('aehae5Ui0Eechaeghau9Yoh9jufiep7H', 'Hello, world!'); | ||
@@ -18,3 +18,8 @@ expect(result).to.equal('gAAAAAAAAAABAAECAwQFBgcICQoLDA0OD7nQ_JQsjDx78n7mQ9bW3T-rgiTN7WX3Uq66EDA0qxZDNQppXL6WaOAIW4x8ElmcRg=='); | ||
it('should return the decrypted content', () => { | ||
it('should return the encrypted content (branca)', () => { | ||
const result = crypto.brancaEncrypt('aehae5Ui0Eechaeghau9Yoh9jufiep7H', 'Hello, world!'); | ||
expect(result).to.equal('XUvrtHkyXTh1VUW885Ta4V5eQ3hBMFQMC3S3QwEfWzKWVDt3A5TnVUNtVXubi0fsAA8eerahpobwC8'); | ||
}); | ||
it('should return the decrypted content (fernet)', () => { | ||
const key = 'aehae5Ui0Eechaeghau9Yoh9jufiep7H'; | ||
@@ -24,2 +29,8 @@ const encrypted = 'gAAAAAAAAAABAAECAwQFBgcICQoLDA0OD7nQ_JQsjDx78n7mQ9bW3T-rgiTN7WX3Uq66EDA0qxZDNQppXL6WaOAIW4x8ElmcRg=='; | ||
}); | ||
it('should return the decrypted content (branca)', () => { | ||
const key = 'aehae5Ui0Eechaeghau9Yoh9jufiep7H'; | ||
const encrypted = 'XUvrtHkyXTh1VUW885Ta4V5eQ3hBMFQMC3S3QwEfWzKWVDt3A5TnVUNtVXubi0fsAA8eerahpobwC8'; | ||
expect(crypto.brancaDecrypt(key, encrypted)).to.equal('Hello, world!'); | ||
}); | ||
}); |
@@ -0,7 +1,10 @@ | ||
const crypto = require('../lib/crypto'); | ||
const fernet = require('fernet'); | ||
/** | ||
* Ensures the fernet calls are reproducible | ||
* Ensures the crypto calls are reproducible | ||
*/ | ||
function setupFernet() { | ||
function setupCrypto() { | ||
// Fernet: | ||
const setIV = fernet.Token.prototype.setIV; | ||
@@ -16,4 +19,8 @@ fernet.Token.prototype.setIV = function () { | ||
}; | ||
// Branca: | ||
crypto.brancaDefaults.ts = 1; | ||
crypto.brancaDefaults.nonce = Buffer.alloc(24, 1); | ||
} | ||
module.exports.setupFernet = setupFernet; | ||
module.exports.setupCrypto = setupCrypto; |
const fs = require('fs'); | ||
const stream = require('stream'); | ||
@@ -15,3 +14,3 @@ const mocha = require('mocha'); | ||
require('./crypto-util').setupFernet(); | ||
require('./crypto-util').setupCrypto(); | ||
@@ -33,31 +32,65 @@ class Out { | ||
describe('yaml-crypt-cli', () => { | ||
it('should throw an error when using --unknown-option', () => { | ||
expect(() => yamlcryptcli.run(['--unknown-option'], {}, { 'stdout': new Out() })) | ||
.to.throw().with.property('status', 2); | ||
}); | ||
it('should display usage info when using --help', () => { | ||
expect(() => yamlcryptcli.run(['--help'], {}, { 'stdout': new Out() })) | ||
.to.throw().with.property('status', 0); | ||
}); | ||
it('should throw an error when using --path and --raw', () => { | ||
const out = new stream.Writable(); | ||
expect(() => yamlcryptcli.run(['--path', 'x', '--raw'], {}, { 'stdout': out })).to.throw(); | ||
expect(() => runWithKeyFile(['--path', 'x', '--raw'], {}, { 'stdout': new Out() })) | ||
.to.throw(/cannot be combined/); | ||
}); | ||
it('should throw an error when passing directory without --dir', () => { | ||
const out = new stream.Writable(); | ||
expect(() => yamlcryptcli.run(['.'], {}, { 'stdout': out })).to.throw(); | ||
expect(() => runWithKeyFile(['.'], {}, { 'stdout': new Out() })) | ||
.to.throw(/directories will be skipped/); | ||
}); | ||
it('should encrypt the given YAML file', () => { | ||
const keyFile = tmp.fileSync(); | ||
fs.writeSync(keyFile.fd, 'aehae5Ui0Eechaeghau9Yoh9jufiep7H'); | ||
it('should throw an error when passing non-existing files to --edit', () => { | ||
expect(() => runWithKeyFile(['--edit', 'nonexisting'], {}, { 'stdout': new Out() })) | ||
.to.throw(/file does not exist/); | ||
}); | ||
it('should throw an error when encrypting with two keys', () => { | ||
const secondKeyFile = tmp.fileSync(); | ||
fs.writeSync(secondKeyFile.fd, 'aehae5Ui0Eechaeghau9Yoh9jufiep72'); | ||
expect(() => runWithKeyFile(['-k', secondKeyFile.name, '-e'], {}, { 'stdout': new Out() })) | ||
.to.throw(/more than one key/); | ||
}); | ||
it('should encrypt the given YAML file (fernet)', () => { | ||
const input = tmp.fileSync({ 'postfix': '.yaml' }); | ||
fs.writeSync(input.fd, yaml.safeDump({ 'first': 'Hello, world!', 'second': 'Hello!' })); | ||
const out = new stream.Writable(); | ||
yamlcryptcli.run(['-k', keyFile.name, input.name], {}, { 'stdout': out }); | ||
fs.copyFileSync('./test/test-2.yaml', input.name); | ||
runWithKeyFile([input.name], {}, { 'stdout': new Out() }); | ||
const output = fs.readFileSync(input.name + '-crypt'); | ||
const expected = fs.readFileSync('./test/test-2.yaml-crypt'); | ||
const expected = fs.readFileSync('./test/test-2a.yaml-crypt'); | ||
expect(output.toString('utf8')).to.equal(expected.toString('utf8')); | ||
}); | ||
it('should encrypt the given YAML file (branca)', () => { | ||
const input = tmp.fileSync({ 'postfix': '.yaml' }); | ||
fs.copyFileSync('./test/test-2.yaml', input.name); | ||
runWithKeyFile(['-a', 'branca', input.name], {}, { 'stdout': new Out() }); | ||
const output = fs.readFileSync(input.name + '-crypt'); | ||
const expected = fs.readFileSync('./test/test-2b.yaml-crypt'); | ||
expect(output.toString('utf8')).to.equal(expected.toString('utf8')); | ||
}); | ||
it('should decrypt the given YAML file', () => { | ||
const input = tmp.fileSync({ 'postfix': '.yaml-crypt' }); | ||
fs.copyFileSync('./test/test-2a.yaml-crypt', input.name); | ||
runWithKeyFile([input.name], {}, { 'stdout': new Out() }); | ||
const output = fs.readFileSync(input.name.substring(0, input.name.length - '-crypt'.length)); | ||
const expected = fs.readFileSync('./test/test-2.yaml'); | ||
expect(output.toString('utf8')).to.equal(expected.toString('utf8')); | ||
}); | ||
it('should encrypt only parts of the YAML file when using --path', () => { | ||
const keyFile = tmp.fileSync(); | ||
fs.writeSync(keyFile.fd, 'aehae5Ui0Eechaeghau9Yoh9jufiep7H'); | ||
const input = tmp.fileSync({ 'postfix': '.yaml' }); | ||
fs.writeSync(input.fd, yaml.safeDump({ 'a': { 'b': { 'c': 'secret' } }, 'x': 'plain' })); | ||
const out = new stream.Writable(); | ||
yamlcryptcli.run(['-k', keyFile.name, '--path', 'a.b.c', input.name], {}, { 'stdout': out }); | ||
runWithKeyFile(['--path', 'a.b.c', input.name], {}, { 'stdout': new Out() }); | ||
const output = fs.readFileSync(input.name + '-crypt'); | ||
@@ -68,2 +101,24 @@ const expected = fs.readFileSync('./test/test-3.yaml-crypt'); | ||
it('should remove the old files when using --rm', () => { | ||
const input = tmp.fileSync({ 'postfix': '.yaml' }); | ||
fs.copyFileSync('./test/test-2.yaml', input.name); | ||
runWithKeyFile(['--rm', input.name], {}, { 'stdout': new Out() }); | ||
expect(fs.existsSync(input.name)).to.equal(false); | ||
}); | ||
function runWithKeyFile(argv, config, options) { | ||
const keyFile = tmp.fileSync(); | ||
fs.writeSync(keyFile.fd, 'aehae5Ui0Eechaeghau9Yoh9jufiep7H'); | ||
return yamlcryptcli.run(['-k', keyFile.name].concat(argv), config, options); | ||
} | ||
it('should throw an error when no matching key is available', () => { | ||
const keyFile = tmp.fileSync(); | ||
fs.writeSync(keyFile.fd, 'INVALID_KEYchaeghau9Yoh9jufiep7H'); | ||
const input = tmp.fileSync({ 'postfix': '.yaml-crypt' }); | ||
fs.copyFileSync('./test/test-2a.yaml-crypt', input.name); | ||
expect(() => yamlcryptcli.run(['-k', keyFile.name, input.name], {}, { 'stdout': new Out() })) | ||
.to.throw(/No matching key/); | ||
}); | ||
it('should decrypt the given input', () => { | ||
@@ -76,3 +131,3 @@ const config = { | ||
const options = { | ||
'stdin': fs.readFileSync('./test/test-2.yaml-crypt'), | ||
'stdin': fs.readFileSync('./test/test-2a.yaml-crypt'), | ||
'stdout': new Out() | ||
@@ -107,3 +162,3 @@ }; | ||
const input = tmp.fileSync({ 'postfix': '.yaml-crypt' }); | ||
fs.copyFileSync('./test/test-2.yaml-crypt', input.name); | ||
fs.copyFileSync('./test/test-2a.yaml-crypt', input.name); | ||
@@ -113,5 +168,5 @@ yamlcryptcli.run(['-k', keyFile.name, '--edit', input.name], { 'editor': 'touch' }, {}); | ||
const output = fs.readFileSync(input.name); | ||
const expected = fs.readFileSync('./test/test-2.yaml-crypt'); | ||
const expected = fs.readFileSync('./test/test-2a.yaml-crypt'); | ||
expect(output.toString('utf8')).to.equal(expected.toString('utf8')); | ||
}); | ||
}); |
@@ -11,3 +11,3 @@ const fs = require('fs'); | ||
require('./crypto-util').setupFernet(); | ||
require('./crypto-util').setupCrypto(); | ||
@@ -24,3 +24,6 @@ describe('yaml-crypt', () => { | ||
const yaml = yamlcrypt.encrypt('aehae5Ui0Eechaeghau9Yoh9jufiep7H'); | ||
const result = yaml.safeDump({ 'key1': new yamlcrypt.Plaintext('Hello, world!') }); | ||
const result = yaml.safeDump({ | ||
'key1': new yamlcrypt.Plaintext('Hello, world!'), | ||
'key2': new yamlcrypt.Plaintext('Hello, world!', null, 'branca:0xBA') | ||
}); | ||
const expected = fs.readFileSync('./test/test-1.yaml-crypt').toString('utf8'); | ||
@@ -27,0 +30,0 @@ expect(result).to.equal(expected); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
44216
21
1035
87
7
+ Addedbranca@^0.2.0
+ Addedbase-x@3.0.10(transitive)
+ Addedbranca@0.2.0(transitive)
+ Addedbufferpack@0.0.6(transitive)
+ Addedlibsodium@0.5.4(transitive)
+ Addedlibsodium-wrappers@0.5.4(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
Updatedjs-yaml@^3.11.0