UNPKG

@robotti.io/escrypt

Version:

Enterprise Secret Encryptor

gitlab.com/robotti.io/escrypt

98 lines (87 loc) 3.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
const fs = require('fs'); const { Validator } = require('jsonschema'); const path = require('path'); const configSchema = { id: '/configSchema', type: 'object', additionalProperties: false, properties: { directory: { type: 'string' }, filename: { type: 'string' }, type: { type: 'string', enum: ['json'] } }, required: ['directory', 'filename', 'type'] }; module.exports = class ConfigurationInteractor { // Private Declarations #encryptedFilePath; #secrets; #type; /** * Configuration Interactor Constructor * @param {Object} config - Configuration Object * @param {string} config.directory - Directory for secrets file * @param {string} config.filename - Filename for secrets file * @param {string} config.type - Storage type for secrets file */ constructor(config) { try { const validator = new Validator(); const validationResults = validator.validate(config, configSchema); if (!validationResults.valid) throw new Error(validationResults); const directory = path.resolve(config.directory); if (!fs.existsSync(directory) || !fs.lstatSync(directory).isDirectory()) throw new Error('Invalid directory provided'); this.#encryptedFilePath = path.join(directory, config.filename); if (!fs.existsSync(this.#encryptedFilePath)) throw new Error('Configuration files does not exists'); this.#type = config.type; this.#readSecretsFile(); } catch (err) { throw new Error(err); } } /** * Read the secrets file * @returns {string} */ #readSecretsFile() { const secrets = fs.readFileSync(this.#encryptedFilePath, 'utf8'); if (this.#type === 'json') return this.#readJSON(secrets); throw new Error('Invalid configuration type'); } /** * JSON Parser * @param {string} secrets - The content of the secrets file */ #readJSON(secrets) { if (typeof secrets !== 'string') throw new Error('Invalid configuration file'); if (secrets === '') this.#secrets = {}; else this.#secrets = JSON.parse(secrets); } /** * Write the secrets file JSON */ #writeJSON() { fs.writeFileSync(this.#encryptedFilePath, JSON.stringify(this.#secrets)); } /** * Store encrypted secret into secrets file * @param {string} key - Secret key name * @param {string} encryptedSecret - Encrypted secret value */ storeEncryptedSecret(key, encryptedSecret) { if (typeof key !== 'string' || key === '') throw new Error('Invalid key provided'); if (typeof encryptedSecret !== 'string') throw new Error('Expected encrypted secret to be a string'); this.#secrets[key] = encryptedSecret; if (this.#type === 'json') this.#writeJSON(); } /** * Retrieve encrypted secret from secrets file * @param {string} key - Secret key name * @returns {string} */ retrieveEncryptedSecret(key) { if (typeof key !== 'string' || key === '') throw new Error('Invalid key provided'); if (Object.keys(this.#secrets).indexOf(key) < 0) throw new Error('Secret does not exist'); return this.#secrets[key]; } };