@drifted/raven 0.0.1

package/README.md

@@ -0,0 +1,56 @@
+
+# jsondatafile
+
+---
+
+```bash
+   npm install -g @drifted/jsondatafile 
+```
+
+```bash
+  > raven usage
+
+  > raven secret 
+  secret: fVu1houhxJS0QeIGSURG0Mzm1C8o3QedhRETu8/ZVM4=
+
+  > raven encrypt -s 'fVu1houhxJS0QeIGSURG0Mzm1C8o3QedhRETu8/ZVM4=' -d '{"test": true}'
+  data: 75e1eb5497506fb3c19212546f6bbd64:4aa059c75da768a5cffbd739d47ccb77:4221fa37367a53ea00d033148cae
+  
+  > raven decrypt -s 'fVu1houhxJS0QeIGSURG0Mzm1C8o3QedhRETu8/ZVM4=' -d '75e1eb5497506fb3c19212546f6bbd64:4aa059c75da768a5cffbd739d47ccb77:4221fa37367a53ea00d033148cae'
+  { test: true }
+
+  > raven conceal -f theraven.txt
+
+  theraven.txt encrypted
+  secret: /n6hOiIoIg/qaQFQVMyyqNUB0pDAZmPyLblU/nKz4vg=
+
+  > raven expose -f theraven.txt -s "/n6hOiIoIg/qaQFQVMyyqNUB0pDAZmPyLblU/nKz4vg="
+
+  theraven.txt decrypted
+  secret: /n6hOiIoIg/qaQFQVMyyqNUB0pDAZmPyLblU/nKz4vg=
+
+  > raven init 
+  file created at config/secret.json  # create default secret
+
+  > raven init
+  config/secret.json already exists.  # won't overwrite existing
+
+  > raven generate
+  file created at config/secret.json  # force new file to be created
+
+  > raven show
+  {
+    "secret": "O9JorHTlz2Wk+oaGq1XpLZzYxwblzlYd3+No7l8eupQ="
+  }
+
+  > raven conceal -f theraven.txt
+
+  theraven.txt encrypted
+  secret: O9JorHTlz2Wk+oaGq1XpLZzYxwblzlYd3+No7l8eupQ=
+
+  > raven expose -f theraven.txt
+
+  theraven.txt decrypted
+  secret: O9JorHTlz2Wk+oaGq1XpLZzYxwblzlYd3+No7l8eupQ=
+
+```

package/bin/cli.js

@@ -0,0 +1,167 @@
+#!/usr/bin/env node
+
+var CarrierPigeon = require('carrier-pigeon');
+var path = require('path');
+var fs = require('fs');
+var crypto = require('crypto');
+const JSONDataFile = require(path.join(__dirname, '..'));
+
+
+var parser = new CarrierPigeon({strict: true});
+parser.commands('usage', 'show', 'secret', 'init', 'generate', 'expose', 'conceal', 'encrypt', 'decrypt');
+parser.option('file', {type: 'file'});
+parser.option('secret', {});
+parser.option('data', {});
+parser.option('json', {default: false});
+parser.option('location', {type: 'file', default: process.cwd()});
+parser.option('verbose', {default: false});
+
+var options = parser.parse(process.argv);
+var command = options.command;
+delete options.command;
+
+process.chdir(options.location);
+delete options.location;
+
+
+
+
+if (options.verbose) {
+    console.log('command:',command);
+    console.log('options:',options);
+}
+
+
+
+if (command == 'encrypt') {
+  var file   = new JSONDataFile(options);
+
+  var data = file.encrypt(options.data);
+  if (options.json) {
+    console.log(JSON.stringify({action: 'encrypt', options: options, data: data}, null, 2))
+  } else {
+    console.log('data:', data);
+  }
+}
+
+
+
+if (command == 'decrypt') {
+  var data   = options.data;
+  var secret = options.secret;
+
+  delete options.data;
+  var file   = new JSONDataFile(options);
+  var json = file.decrypt(data);
+
+  try {
+    json = JSON.parse(json);
+  } catch(error) {
+    if (options.verbose) {
+      console.log(error);
+    }
+  }
+  if (options.json) {
+    console.log(JSON.stringify({action: 'decrypt', options: options, data: json}, null, 2))
+  } else {
+    console.log(json);
+  }
+}
+
+
+
+if (command == 'generate') {
+  JSONDataFile.generate().then((generated) => {
+    if (options.json) {
+       
+       console.log(JSON.stringify({
+         action: 'generate', 
+         options: options, 
+         location: process.cwd(), 
+         success: generated
+       }, null, 2))
+
+    } else {
+      console.log('file created at', JSONDataFile.secretFile().replace(process.cwd()+path.sep, ''));
+    }
+  })  
+}
+
+
+
+if (command == 'init') {
+  JSONDataFile.init().then((initialized) => {
+    if (options.json) {
+      console.log(JSON.stringify({action: 'init', options: options, location: process.cwd(), success: initialized}, null, 2))
+    } else {
+      if (initialized) {
+        console.log('file created at', JSONDataFile.secretFile().replace(process.cwd()+path.sep, ''));
+      } else {
+        console.log(JSONDataFile.secretFile().replace(process.cwd()+path.sep, ''), 'already exists.');
+      }
+    }
+  })  
+}
+
+
+
+if (command == 'secret') {
+  if (options.json) {
+    console.log(JSON.stringify({ secret: JSONDataFile.secret() }, null, 2));
+  } else {
+    console.log('secret:', JSONDataFile.secret());
+  }
+}
+
+
+
+if (command == 'show') {
+  var json = JSON.parse(JSONDataFile.show());
+  if (options.json) {
+    console.log(JSON.stringify(json, null, 2));
+  } else {
+    console.log('secret:', json.secret);
+  }
+}
+
+
+
+if (command == 'expose') {
+  var file = new JSONDataFile(options);
+  //console.log(file);
+  file.expose().then(() => {   
+    if (options.json) {
+      console.log(JSON.stringify({file: file.shortPath, action: 'expose', options: options, secret: file.secret}, null, 2))
+    } else {
+      console.log('');
+      console.log(file.shortPath(), 'decrypted'); 
+      console.log('secret:', file.secret);
+      console.log('');
+    }
+  })
+}
+
+
+
+if (command == 'conceal') {
+  var file = new JSONDataFile(options);
+  //console.log(file);
+  file.conceal().then(() => {
+    if (options.json) {
+      console.log(JSON.stringify({file: file.shortPath, action: 'conceal', options: options, secret: file.secret}, null, 2))
+    } else {
+      console.log('');
+      console.log(file.shortPath(), 'encrypted');
+      console.log('secret:', file.secret);
+      console.log('');
+    }
+  })
+}
+
+
+
+if (command == 'usage') {
+  console.log(fs.readFileSync(path.join(__dirname, '..', 'usage.txt')).toString());
+}
+
+

package/config/secret.json

@@ -0,0 +1,3 @@
+{
+  "secret": "LqnSD01cIYesAZEjLc3qIVvnVt2jcSg6DObMHyeWcGA="
+}

package/index.js

@@ -0,0 +1,178 @@
+const path = require('path');
+const crypto = require('crypto');
+const fs = require('fs');
+
+const ivLength = 16;
+
+class JSONDataFile {
+  constructor(options={}) {
+    Object.assign(this, options)
+
+    if (this.data != undefined && typeof this.data == 'string') {
+      try {
+        this.data = JSON.parse(this.data);
+      } catch(error) {
+        //console.log(error)
+      }
+    }
+
+    if (this.algorithm == undefined) {
+      this.algorithm = 'aes-256-gcm';
+    }
+
+    if (this.secret == undefined && JSONDataFile.hasFile()) {
+      this.populateFromFile();
+    } 
+    
+    if (this.secret == undefined) {
+      this.secret = crypto.randomBytes(32).toString('base64');
+    }
+  }
+  
+  populateFromFile() {
+    var data = fs.readFileSync(JSONDataFile.secretFile()).toString();
+    var json = JSON.parse(data);
+    this.secret = json.secret;
+  }
+
+  shortPath() {
+    return this.file.replace(process.cwd()+"/", "")
+  }
+
+  static show() {
+    return fs.readFileSync(this.secretFile()).toString();
+  }
+
+  static secretFile() {
+    return path.join(process.cwd(), 'config', 'secret.json');
+  }
+
+  static hasFile() {
+    var exists = fs.existsSync(this.secretFile());
+    return exists;
+  }
+
+  static generate() {
+    var self = this;
+    return new Promise((resolve) => {
+      var secret = self.secret();
+
+      fs.writeFile(self.secretFile(), JSON.stringify({secret}, null, 2), () => {
+        resolve(true);
+      })
+    })
+  }
+
+  static init() {
+    var self = this;
+    return new Promise((resolve) => {
+      fs.mkdir(path.join(process.cwd(), 'config'), { recursive: true }, (err) => {
+        if (err) throw err;
+
+        if (self.hasFile() == false) {
+          self.generate().then(() => {
+            resolve(true);
+          })
+        } else {
+          resolve(false)
+        }
+      });
+    })
+  }
+
+  static secret() {
+    return crypto.randomBytes(32).toString('base64');
+  }
+
+  encrypt(text) {
+    const iv = crypto.randomBytes(ivLength);
+    const cipher = crypto.createCipheriv(this.algorithm, Buffer.from(this.secret, 'base64'), iv);
+
+    let encrypted = cipher.update(text, 'utf8', 'hex');
+    encrypted += cipher.final('hex');
+
+    const authTag = cipher.getAuthTag().toString('hex');
+
+    // Return IV, Auth Tag, and Encrypted data together (often as a single string)
+    return `${iv.toString('hex')}:${authTag}:${encrypted}`;
+  }
+
+  decrypt(encryptedData) {
+    const [ivHex, authTagHex, encryptedText] = encryptedData.split(':');
+
+    const decipher = crypto.createDecipheriv(
+      this.algorithm,
+      Buffer.from(this.secret, 'base64'),
+      Buffer.from(ivHex, 'hex')
+    );
+
+    decipher.setAuthTag(Buffer.from(authTagHex, 'hex'));
+
+    let decrypted = decipher.update(encryptedText, 'hex', 'utf8');
+    decrypted += decipher.final('utf8');
+    
+    return decrypted;
+  }
+
+
+  read() {
+    var self = this;
+
+    return new Promise(async(resolve) => {
+      fs.readFile(self.file, 'utf8', async (err, data) => {
+        self.data = data;      
+        
+        resolve(data);
+      });
+    })
+  }
+
+  save() {
+    var self = this;
+    return new Promise(async(resolve) => {
+      fs.writeFile(self.file, self.data, error => {
+        var success = true;
+
+        if (error) {
+          success = false;
+          reject({success, error});
+        } else {
+          resolve({success});
+        }
+      });    
+    })
+  }
+
+  conceal() {
+    var self = this;
+    return new Promise(async(resolve) => {
+      self.read().then((data) => {
+        self.data = self.encrypt(data);
+
+        self.save().then((response) => {
+          resolve(response);
+        })
+      }) 
+    })
+  }
+
+  expose() {
+    var self = this;
+    return new Promise(async(resolve) => {
+      self.read().then((data) => {
+        self.data = self.decrypt(data);
+        
+        self.save().then((response) => {
+          resolve(response);
+        })
+      })
+    })
+  }
+
+}
+
+
+module.exports = JSONDataFile;
+
+
+

package/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "@drifted/raven",
+  "version": "0.0.1",
+  "description": "",
+  "homepage": "https://github.com/driftless-group/raven",
+  "bin": {
+    "raven": "./bin/cli.js"
+  },
+  "repository": {
+    "type": "git",
+    "url": "@drifted/raven"
+  },
+  "license": "UNLICENSED",
+  "author": "Scott Ballantyne",
+  "type": "commonjs",
+  "main": "index.js",
+  "scripts": {
+    "test": "mocha -w",
+    "encrypt": "./bin/file.js encrypt",
+    "decrypt": "./bin/file.js decrypt"
+  },
+  "devDependencies": {
+    "@drifted/qa": "^0.0.5"
+  },
+  "dependencies": {
+    "carrier-pigeon": "^0.1.11"
+  }
+}

package/test/cli.test.js

@@ -0,0 +1,130 @@
+const path = require('path');
+const assert = require('assert');
+const fs = require('fs');
+
+const JSONDataFile = require(path.join(__dirname, '..'));
+var { exec } = require('child_process');
+
+const {
+  doneMessage
+} = require('@drifted/qa');
+
+const {
+  run, ensure, remove
+} = require(path.join(__dirname, 'helpers'));
+
+var defaults = {
+  secret: 'ffdnZY17Fw+sup2+lhOOt6PW++/RkLTXRaLL3RJsjzE='
+}
+
+describe('raven', function() {
+
+  describe('human', function() {
+    it('secret', function(done) {
+      run('secret').then((stdout) => {
+        var secret = stdout.replace('secret: ', '');
+
+        assert.equal(secret.length, 45);
+        assert.notEqual(secret, undefined);
+        
+        done();
+      }).catch(console.log)
+    })
+    
+    it('init', function(done) {
+      var homeConfig = path.join(__dirname, 'workspace', 'config')
+      remove(homeConfig).then(() => {
+        run('init').then((stdout) => {
+          var json = JSON.parse(fs.readFileSync(path.join(homeConfig, 'secret.json')).toString());
+
+          //console.log(json);
+          assert.equal(json.secret.length, 44);
+          assert.notEqual(json.secret, undefined);
+
+          done();
+        }).catch(doneMessage(done));
+      }).catch(doneMessage(done));
+    })
+
+    it('generate', function(done) {
+      var homeConfig = path.join(__dirname, 'workspace', 'config')
+      remove(homeConfig).then(() => {
+        run('init').then((stdout) => {
+          var initial = JSON.parse(fs.readFileSync(path.join(homeConfig, 'secret.json')).toString());
+          assert.equal(initial.secret.length, 44);
+          assert.notEqual(initial.secret, undefined);
+
+          run('generate').then(() => {
+            var regenerated = JSON.parse(fs.readFileSync(path.join(homeConfig, 'secret.json')).toString());
+            assert.notEqual(initial.secret, regenerated.secret);
+            assert.equal(regenerated.secret.length, 44);
+            assert.notEqual(regenerated.secret, undefined);
+
+            done();
+          });
+        }).catch(doneMessage(done));
+      }).catch(doneMessage(done));
+    })
+  })
+
+  describe('json', function() {
+    it('show', function(done) {
+      run('show', '-j').then((stdout) => {
+        var json = JSON.parse(stdout);
+        
+        assert.equal(json.secret.length, 44);
+        assert.notEqual(json.secret, undefined);
+        
+        done();
+      }).catch(doneMessage(done));
+    })
+  })
+
+  describe('files', function() {
+    it('conceal/expose', function(done) {
+      var secret = JSONDataFile.secret();
+      var file = path.join(__dirname, 'theraven.txt');
+      var initial = fs.readFileSync(file).toString();
+      
+      run('conceal', '-f', file, '-s', secret).then(() => {
+        var encrypted = fs.readFileSync(file).toString();
+        run('expose', '-f', file, '-s', secret).then(() => {
+          var final = fs.readFileSync(file).toString();
+          
+          assert.equal(initial, final);
+          assert.notEqual(initial, encrypted);
+          assert.notEqual(encrypted, final);
+          
+          done();
+        }).catch(doneMessage(done));
+      }).catch(doneMessage(done));
+    })
+
+    it('repeatedly concealing/exposing', function(done) {
+      var secret = JSONDataFile.secret();
+      var file = path.join(__dirname, 'theraven.txt');
+      var initial = fs.readFileSync(file).toString();
+      run('conceal', '-f', file, '-s', secret).then(() => {
+        run('conceal', '-f', file, '-s', secret).then(() => {
+          run('conceal', '-f', file, '-s', secret).then(() => {
+            var encrypted = fs.readFileSync(file).toString();
+            run('expose', '-f', file, '-s', secret).then(() => {
+              run('expose', '-f', file, '-s', secret).then(() => {
+                run('expose', '-f', file, '-s', secret).then(() => {
+                  var final = fs.readFileSync(file).toString();
+
+                  assert.equal(initial, final);
+                  assert.notEqual(initial, encrypted);
+                  assert.notEqual(encrypted, final);
+
+                  done();
+                }).catch(doneMessage(done));
+              }).catch(doneMessage(done));
+            }).catch(doneMessage(done));
+          }).catch(doneMessage(done));
+        }).catch(doneMessage(done));
+      }).catch(doneMessage(done));
+    })
+  })
+
+})

package/test/data/original.json

@@ -0,0 +1,3 @@
+{
+  "some": "sort of data"
+}

package/test/helpers.js

@@ -0,0 +1,49 @@
+const path = require('path');
+const assert = require('assert');
+var { exec } = require('child_process');
+var { mkdir } = require('fs');
+const fs = require('fs');
+
+
+function run(...specifics) {
+  var parts = [process.execPath, path.join(__dirname, '..', 'bin', 'cli.js')].concat(specifics);
+  return new Promise((resolve, reject) => {
+    exec(parts.join(' '), (err, stdout, stdin) => {
+      if (err) { 
+        reject(err) 
+      } else {
+        resolve(stdout);
+      }
+    })
+  })
+}
+
+module.exports.run = run;
+
+
+function ensure(pathname) {
+  return new Promise((resolve) => {
+    if (fs.existsSync(pathname)) {
+      resolve();
+    } else {
+      fs.mkdir(pathname, { recursive: true }, (err, stdout, stdin) => {
+        resolve();
+      })
+    }
+  })
+}
+module.exports.ensure = ensure;
+
+
+function remove(pathname) {
+  return new Promise((resolve) => {
+    if (fs.existsSync(pathname)) {
+      fs.rm(pathname, { recursive: true, force: true }, (err, stdout, stdin) => {
+        resolve();
+      })
+    } else {
+      resolve();
+    }
+  })
+}
+module.exports.remove = remove;

package/test/raven.test.js

@@ -0,0 +1,36 @@
+const path = require('path');
+const assert = require('assert');
+
+const JSONDataFile = require(path.join(__dirname, '..'));
+
+var defaults = {
+  secret: 'ffdnZY17Fw+sup2+lhOOt6PW++/RkLTXRaLL3RJsjzE='
+}
+
+process.chdir(path.join(__dirname, 'workspace'));
+
+describe('raven', function() {
+  
+
+  it('read', function(done) {
+    
+    done();
+  })
+
+  it('write', function(done) {
+    done();
+  })
+
+  it('encrypt/decrypt', function(done) {
+    var jdf = new JSONDataFile({secret: defaults.secret, data: {test: true}});
+    var result = jdf.encrypt(JSON.stringify(jdf.data));
+    result = JSON.parse(jdf.decrypt(result));
+    assert.equal(result.test, true);
+    
+    done();
+  })
+
+
+
+
+})

package/test/workspace/config/secret.json

@@ -0,0 +1,3 @@
+{
+  "secret": "RH5L+pLR1icf65Dhl+Jl6ZM7HuT8ASov7OdjlajZyJ4="
+}

package/test/workspace/example.json

@@ -0,0 +1 @@
+{"test": true}

package/usage.txt

@@ -0,0 +1,47 @@
+
+raven
+
+    This is a bin that is intended to make it easy to hide environment variables 
+    so that they aren't clear text.  It should be able to also encrypt and decrypt 
+    data of other sorts too.
+
+Synopsis
+
+    The original inspiration was from what rails does with their secret/credentials.  
+    I don't know if it is implemented the same way or not but it is intended to be 
+    for the same use.
+
+Usage
+    
+    raven command [options]
+
+Commands
+
+    init       prepares new project with config/secret.json
+    generate   overwrites old secret
+    expose     decrypts encrypted file in place
+    conceal    encrypts file                    
+    encrypt    encrypts data passed into the bin
+    decrypt    decrypts data passed into the bin
+    secret     generates a secret to use to encrypt data
+    show       shows the current secret
+    usage      prints out this information
+
+Description
+    
+    -f, --file       this is the path to the file that your are trying to encrypt or decrypt.
+                       if you use this flag it will read the file and populate the data 
+                       attribute.
+
+    -s, --secret     this is the secret that is used to encrypt the data
+ 
+    -d, --data       this is how you pass in the data
+
+    -j, --json       this is supposed to be a way to make the output 
+                       by in json so that a machine can read it.
+
+    -l, --location   this lets you decide which directory you are running the command in
+
+
+
+