@node-cli/secret 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) Arno Versini
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,37 @@
+# Node CLI secret package
+
+![npm](https://img.shields.io/npm/v/@node-cli/secret?label=version&logo=npm)
+
+> Secret is a command line tool that can encode or decode a file with a password.
+
+## Installation
+
+```sh
+> npm install --global @node-cli/secret
+```
+
+## Examples
+
+NOTE: The password is not stored anywhere, it is only used to encrypt or decrypt the file and will be prompted each time.
+
+### Encrypt a file
+
+```sh
+> secret --encrypt README.md README.md.enc
+```
+
+### Decrypt a file
+
+```sh
+> secret --decrypt README.md.enc README.md
+```
+
+### Get help
+
+```sh
+> search --help
+```
+
+## License
+
+MIT © Arno Versini

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * @file Automatically generated by barrelsby.
+ */
+
+export * from "./parse";
+export * from "./secret";
+export * from "./utilities";

package/dist/parse.d.ts

@@ -0,0 +1,15 @@
+export type Flags = {
+    decrypt?: boolean;
+    encrypt?: boolean;
+    help?: boolean;
+    version?: boolean;
+};
+export type Parameters = {
+    input?: string;
+    output?: string;
+};
+export type Configuration = {
+    flags?: Flags;
+    parameters?: Parameters;
+};
+export declare const config: Configuration;

package/dist/parse.js

@@ -0,0 +1,60 @@
+import kleur from "kleur";
+import { parser } from "@node-cli/parser";
+/* istanbul ignore next */ export const config = parser({
+    meta: import.meta,
+    examples: [
+        {
+            command: 'secret -e "my-file.txt" "my-file.txt.enc"',
+            comment: '## Encrypt the file "my-file.txt" and save the result in\n    ## "my-file.txt.enc" - password will be prompted'
+        },
+        {
+            command: 'secret -d "my-file.txt.enc" "my-file.txt"',
+            comment: `## Decrypt the file "my-file.txt.enc" and save the\n    ## result in "my-file.txt" - password will be prompted`
+        }
+    ],
+    flags: {
+        decrypt: {
+            shortFlag: "d",
+            description: `Decrypt a password protected file`,
+            type: "boolean"
+        },
+        encrypt: {
+            shortFlag: "e",
+            description: `Encrypt a file with a password`,
+            type: "boolean"
+        },
+        help: {
+            shortFlag: "h",
+            description: "Display help instructions",
+            type: "boolean"
+        },
+        version: {
+            shortFlag: "v",
+            description: "Output the current version",
+            type: "boolean"
+        }
+    },
+    parameters: {
+        input: {
+            description: "The file to encrypt or decrypt"
+        },
+        output: {
+            description: "The file to create in order to save the result of the encryption or decryption"
+        }
+    },
+    restrictions: [
+        {
+            exit: 1,
+            message: ()=>kleur.red(`\nError: one of --encrypt or --decrypt option must be provided.`),
+            test: (x)=>x.encrypt === false && x.decrypt === false
+        },
+        {
+            exit: 1,
+            message: ()=>kleur.red(`\nError: either --encrypt or --decrypt option must be provided, but not both.`),
+            test: (x)=>x.encrypt === true && x.decrypt === true
+        }
+    ],
+    usage: "secret [options] [input] [output]"
+});
+
+//# sourceMappingURL=parse.js.map

package/dist/parse.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/parse.ts"],"sourcesContent":["import kleur from \"kleur\";\nimport { parser } from \"@node-cli/parser\";\n\nexport type Flags = {\n\tdecrypt?: boolean;\n\tencrypt?: boolean;\n\thelp?: boolean;\n\tversion?: boolean;\n};\n\nexport type Parameters = {\n\tinput?: string;\n\toutput?: string;\n};\n\nexport type Configuration = {\n\tflags?: Flags;\n\tparameters?: Parameters;\n};\n\n/* istanbul ignore next */\nexport const config: Configuration = parser({\n\tmeta: import.meta,\n\texamples: [\n\t\t{\n\t\t\tcommand: 'secret -e \"my-file.txt\" \"my-file.txt.enc\"',\n\t\t\tcomment:\n\t\t\t\t'## Encrypt the file \"my-file.txt\" and save the result in\\n    ## \"my-file.txt.enc\" - password will be prompted',\n\t\t},\n\t\t{\n\t\t\tcommand: 'secret -d \"my-file.txt.enc\" \"my-file.txt\"',\n\t\t\tcomment: `## Decrypt the file \"my-file.txt.enc\" and save the\\n    ## result in \"my-file.txt\" - password will be prompted`,\n\t\t},\n\t],\n\tflags: {\n\t\tdecrypt: {\n\t\t\tshortFlag: \"d\",\n\t\t\tdescription: `Decrypt a password protected file`,\n\t\t\ttype: \"boolean\",\n\t\t},\n\t\tencrypt: {\n\t\t\tshortFlag: \"e\",\n\t\t\tdescription: `Encrypt a file with a password`,\n\t\t\ttype: \"boolean\",\n\t\t},\n\t\thelp: {\n\t\t\tshortFlag: \"h\",\n\t\t\tdescription: \"Display help instructions\",\n\t\t\ttype: \"boolean\",\n\t\t},\n\t\tversion: {\n\t\t\tshortFlag: \"v\",\n\t\t\tdescription: \"Output the current version\",\n\t\t\ttype: \"boolean\",\n\t\t},\n\t},\n\tparameters: {\n\t\tinput: {\n\t\t\tdescription: \"The file to encrypt or decrypt\",\n\t\t},\n\t\toutput: {\n\t\t\tdescription:\n\t\t\t\t\"The file to create in order to save the result of the encryption or decryption\",\n\t\t},\n\t},\n\trestrictions: [\n\t\t{\n\t\t\texit: 1,\n\t\t\tmessage: () =>\n\t\t\t\tkleur.red(\n\t\t\t\t\t`\\nError: one of --encrypt or --decrypt option must be provided.`\n\t\t\t\t),\n\t\t\ttest: (x: { encrypt: boolean; decrypt: boolean }) =>\n\t\t\t\tx.encrypt === false && x.decrypt === false,\n\t\t},\n\t\t{\n\t\t\texit: 1,\n\t\t\tmessage: () =>\n\t\t\t\tkleur.red(\n\t\t\t\t\t`\\nError: either --encrypt or --decrypt option must be provided, but not both.`\n\t\t\t\t),\n\t\t\ttest: (x: { encrypt: boolean; decrypt: boolean }) =>\n\t\t\t\tx.encrypt === true && x.decrypt === true,\n\t\t},\n\t],\n\n\tusage: \"secret [options] [input] [output]\",\n});\n"],"names":["kleur","parser","config","meta","examples","command","comment","flags","decrypt","shortFlag","description","type","encrypt","help","version","parameters","input","output","restrictions","exit","message","red","test","x","usage"],"mappings":"AAAA,OAAOA,WAAW,QAAQ;AAC1B,SAASC,MAAM,QAAQ,mBAAmB;AAmB1C,wBAAwB,GACxB,OAAO,MAAMC,SAAwBD,OAAO;IAC3CE,MAAM;IACNC,UAAU;QACT;YACCC,SAAS;YACTC,SACC;QACF;QACA;YACCD,SAAS;YACTC,SAAS,CAAC,8GAA8G,CAAC;QAC1H;KACA;IACDC,OAAO;QACNC,SAAS;YACRC,WAAW;YACXC,aAAa,CAAC,iCAAiC,CAAC;YAChDC,MAAM;QACP;QACAC,SAAS;YACRH,WAAW;YACXC,aAAa,CAAC,8BAA8B,CAAC;YAC7CC,MAAM;QACP;QACAE,MAAM;YACLJ,WAAW;YACXC,aAAa;YACbC,MAAM;QACP;QACAG,SAAS;YACRL,WAAW;YACXC,aAAa;YACbC,MAAM;QACP;IACD;IACAI,YAAY;QACXC,OAAO;YACNN,aAAa;QACd;QACAO,QAAQ;YACPP,aACC;QACF;IACD;IACAQ,cAAc;QACb;YACCC,MAAM;YACNC,SAAS,IACRpB,MAAMqB,IACL,CAAC,+DAA+D,CAAC;YAEnEC,MAAM,CAACC,IACNA,EAAEX,YAAY,SAASW,EAAEf,YAAY;QACvC;QACA;YACCW,MAAM;YACNC,SAAS,IACRpB,MAAMqB,IACL,CAAC,6EAA6E,CAAC;YAEjFC,MAAM,CAACC,IACNA,EAAEX,YAAY,QAAQW,EAAEf,YAAY;QACtC;KACA;IAEDgB,OAAO;AACR,GAAG"}

package/dist/secret.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/secret.js

@@ -0,0 +1,47 @@
+#!/usr/bin/env node
+/* istanbul ignore file */ import { displayConfirmation, displayPromptWithPassword, logger, processFileWithPassword, shouldContinue } from "./utilities.js";
+import { config } from "./parse.js";
+import fs from "fs-extra";
+import path from "node:path";
+const ENCRYPT = "encrypt";
+const DECRYPT = "decrypt";
+/**
+ * Caching the "action" for future usage (encrypt or decrypt).
+ */ const actionName = config.flags.encrypt ? ENCRYPT : DECRYPT;
+/**
+ * Extracting the input and output files.
+ */ let inputFile, outputFile, outputFileExists = false;
+if (Object.entries(config.parameters).length > 0) {
+    inputFile = config.parameters["0"];
+    outputFile = config.parameters["1"];
+    if (!fs.existsSync(inputFile)) {
+        logger.printErrorsAndExit([
+            `File "${inputFile}" does not exist!`
+        ], 1);
+    }
+    if (fs.existsSync(outputFile)) {
+        outputFileExists = true;
+    }
+}
+if (outputFileExists) {
+    const goodToGo = await displayConfirmation(`The file ${outputFile} already exists, overwrite it?`);
+    shouldContinue(goodToGo);
+}
+const password = await displayPromptWithPassword(`Enter password to ${actionName} the file`);
+try {
+    await processFileWithPassword({
+        encode: config.flags.encrypt,
+        input: inputFile,
+        output: outputFile,
+        password
+    });
+    logger.log();
+    logger.info(`File ${path.basename(inputFile)} was ${actionName}ed.`);
+    if (outputFileExists) {
+        logger.info(`The result was saved in the file ${outputFile}`);
+    }
+} catch (error) {
+    logger.error(error);
+}
+
+//# sourceMappingURL=secret.js.map

package/dist/secret.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/secret.ts"],"sourcesContent":["#!/usr/bin/env node\n/* istanbul ignore file */\n\nimport {\n\tdisplayConfirmation,\n\tdisplayPromptWithPassword,\n\tlogger,\n\tprocessFileWithPassword,\n\tshouldContinue,\n} from \"./utilities.js\";\n\nimport { config } from \"./parse.js\";\nimport fs from \"fs-extra\";\nimport path from \"node:path\";\n\nconst ENCRYPT = \"encrypt\";\nconst DECRYPT = \"decrypt\";\n\n/**\n * Caching the \"action\" for future usage (encrypt or decrypt).\n */\nconst actionName = config.flags.encrypt ? ENCRYPT : DECRYPT;\n\n/**\n * Extracting the input and output files.\n */\nlet inputFile: string,\n\toutputFile: string,\n\toutputFileExists: boolean = false;\nif (Object.entries(config.parameters).length > 0) {\n\tinputFile = config.parameters[\"0\"];\n\toutputFile = config.parameters[\"1\"];\n\tif (!fs.existsSync(inputFile)) {\n\t\tlogger.printErrorsAndExit([`File \"${inputFile}\" does not exist!`], 1);\n\t}\n\tif (fs.existsSync(outputFile)) {\n\t\toutputFileExists = true;\n\t}\n}\n\nif (outputFileExists) {\n\tconst goodToGo = await displayConfirmation(\n\t\t`The file ${outputFile} already exists, overwrite it?`\n\t);\n\tshouldContinue(goodToGo);\n}\n\nconst password = await displayPromptWithPassword(\n\t`Enter password to ${actionName} the file`\n);\n\ntry {\n\tawait processFileWithPassword({\n\t\tencode: config.flags.encrypt,\n\t\tinput: inputFile,\n\t\toutput: outputFile,\n\t\tpassword,\n\t});\n\tlogger.log();\n\tlogger.info(`File ${path.basename(inputFile)} was ${actionName}ed.`);\n\tif (outputFileExists) {\n\t\tlogger.info(`The result was saved in the file ${outputFile}`);\n\t}\n} catch (error) {\n\tlogger.error(error);\n}\n"],"names":["displayConfirmation","displayPromptWithPassword","logger","processFileWithPassword","shouldContinue","config","fs","path","ENCRYPT","DECRYPT","actionName","flags","encrypt","inputFile","outputFile","outputFileExists","Object","entries","parameters","length","existsSync","printErrorsAndExit","goodToGo","password","encode","input","output","log","info","basename","error"],"mappings":";AACA,wBAAwB,GAExB,SACCA,mBAAmB,EACnBC,yBAAyB,EACzBC,MAAM,EACNC,uBAAuB,EACvBC,cAAc,QACR,iBAAiB;AAExB,SAASC,MAAM,QAAQ,aAAa;AACpC,OAAOC,QAAQ,WAAW;AAC1B,OAAOC,UAAU,YAAY;AAE7B,MAAMC,UAAU;AAChB,MAAMC,UAAU;AAEhB;;CAEC,GACD,MAAMC,aAAaL,OAAOM,MAAMC,UAAUJ,UAAUC;AAEpD;;CAEC,GACD,IAAII,WACHC,YACAC,mBAA4B;AAC7B,IAAIC,OAAOC,QAAQZ,OAAOa,YAAYC,SAAS,GAAG;IACjDN,YAAYR,OAAOa,UAAU,CAAC,IAAI;IAClCJ,aAAaT,OAAOa,UAAU,CAAC,IAAI;IACnC,IAAI,CAACZ,GAAGc,WAAWP,YAAY;QAC9BX,OAAOmB,mBAAmB;YAAC,CAAC,MAAM,EAAER,UAAU,iBAAiB,CAAC;SAAC,EAAE;IACpE;IACA,IAAIP,GAAGc,WAAWN,aAAa;QAC9BC,mBAAmB;IACpB;AACD;AAEA,IAAIA,kBAAkB;IACrB,MAAMO,WAAW,MAAMtB,oBACtB,CAAC,SAAS,EAAEc,WAAW,8BAA8B,CAAC;IAEvDV,eAAekB;AAChB;AAEA,MAAMC,WAAW,MAAMtB,0BACtB,CAAC,kBAAkB,EAAES,WAAW,SAAS,CAAC;AAG3C,IAAI;IACH,MAAMP,wBAAwB;QAC7BqB,QAAQnB,OAAOM,MAAMC;QACrBa,OAAOZ;QACPa,QAAQZ;QACRS;IACD;IACArB,OAAOyB;IACPzB,OAAO0B,KAAK,CAAC,KAAK,EAAErB,KAAKsB,SAAShB,WAAW,KAAK,EAAEH,WAAW,GAAG,CAAC;IACnE,IAAIK,kBAAkB;QACrBb,OAAO0B,KAAK,CAAC,iCAAiC,EAAEd,WAAW,CAAC;IAC7D;AACD,EAAE,OAAOgB,OAAO;IACf5B,OAAO4B,MAAMA;AACd"}

package/dist/utilities.d.ts

@@ -0,0 +1,53 @@
+import { Logger } from "@node-cli/logger";
+export declare const logger: Logger;
+/**
+ * Create an hexadecimal hash from a given string. The default
+ * algorithm is md5 but it can be changed to anything that
+ * crypto.createHash allows.
+ * @param  {String} string            the string to hash
+ * @param  {String} [algorithm='md5'] the algorithm to use or hashing
+ * @return {String}                   the hashed string in hexa format
+ */
+export declare const createHash: (string: string, algorithm?: string) => string;
+/**
+ * Encrypts a string or a buffer using AES-256-CTR
+ * algorithm.
+ * @param  {String} password a unique password
+ * @param  {String} data     a string to encrypt
+ * @return {String} the encrypted data in hexa
+ *   encoding, followed by a dollar sign ($) and by a
+ *   unique random initialization vector.
+ */
+export declare const encrypt: (password: string, data: string) => string;
+/**
+ * Decrypts a string that was encrypted using the
+ * AES-256-CRT algorithm via `encrypt`. It expects
+ * the encrypted string to have the corresponding
+ * initialization vector appended at the end, after
+ * a dollar sign ($) - which was done via the
+ * corresponding `encrypt` method.
+ * @param  {String} password a unique password
+ * @param  {String} data     a string to decrypt
+ * @return {String}          the decrypted data
+ */
+export declare const decrypt: (password: string, data: string) => string;
+/**
+ * Process a file with a given password. The file can be
+ * encoded or decoded depending on the `encode` flag.
+ * @param  {Boolean} encode   whether to encode or decode the file
+ * @param  {String}  input    the input file path
+ * @param  {String}  [output] the output file path
+ * @param  {String}  password the password to use
+ * @return {Promise}          a promise that resolves when
+ *                            the file has been processed.
+ */
+export type ProcessFileOptions = {
+    encode: boolean;
+    input: string;
+    output?: string;
+    password: string;
+};
+export declare const processFileWithPassword: (options: ProcessFileOptions) => Promise<void>;
+export declare const displayConfirmation: (message: string) => Promise<any>;
+export declare const displayPromptWithPassword: (message: string) => Promise<any>;
+export declare const shouldContinue: (goodToGo: boolean) => boolean;

package/dist/utilities.js

@@ -0,0 +1,116 @@
+import { Logger } from "@node-cli/logger";
+import crypto from "node:crypto";
+import fs from "fs-extra";
+import inquirer from "inquirer";
+export const logger = new Logger({
+    boring: process.env.NODE_ENV === "test"
+});
+const HEX = "hex";
+const UTF8 = "utf8";
+const DEFAULT_CRYPTO_ALGO = "aes-256-ctr";
+const DEFAULT_HASH_ALGO = "md5";
+const DEFAULT_BYTES_FOR_IV = 16;
+const DEFAULT_FILE_ENCODING = UTF8;
+/**
+ * Create an hexadecimal hash from a given string. The default
+ * algorithm is md5 but it can be changed to anything that
+ * crypto.createHash allows.
+ * @param  {String} string            the string to hash
+ * @param  {String} [algorithm='md5'] the algorithm to use or hashing
+ * @return {String}                   the hashed string in hexa format
+ */ export const createHash = (string, algorithm = DEFAULT_HASH_ALGO)=>{
+    return crypto.createHash(algorithm).update(string, UTF8).digest(HEX);
+};
+/**
+ * Encrypts a string or a buffer using AES-256-CTR
+ * algorithm.
+ * @param  {String} password a unique password
+ * @param  {String} data     a string to encrypt
+ * @return {String} the encrypted data in hexa
+ *   encoding, followed by a dollar sign ($) and by a
+ *   unique random initialization vector.
+ */ export const encrypt = (password, data)=>{
+    // Ensure that the initialization vector (IV) is random.
+    const iv = crypto.randomBytes(DEFAULT_BYTES_FOR_IV);
+    // Hash the given password (result is always the same).
+    const key = createHash(password);
+    // Create a cipher.
+    const cipher = crypto.createCipheriv(DEFAULT_CRYPTO_ALGO, key, iv);
+    // Encrypt the data using the newly created cipher.
+    const encrypted = cipher.update(data, UTF8, HEX) + cipher.final(HEX);
+    /*
+	 * Append the IV at the end of the encrypted data
+	 * to reuse it for decryption (IV is not a key,
+	 * it can be public).
+	 */ return `${encrypted}$${iv.toString(HEX)}`;
+};
+/**
+ * Decrypts a string that was encrypted using the
+ * AES-256-CRT algorithm via `encrypt`. It expects
+ * the encrypted string to have the corresponding
+ * initialization vector appended at the end, after
+ * a dollar sign ($) - which was done via the
+ * corresponding `encrypt` method.
+ * @param  {String} password a unique password
+ * @param  {String} data     a string to decrypt
+ * @return {String}          the decrypted data
+ */ export const decrypt = (password, data)=>{
+    // Extract encrypted data and initialization vector (IV).
+    const [encrypted, ivHex] = data.split("$");
+    // Create a buffer out of the raw hex IV
+    const iv = Buffer.from(ivHex, HEX);
+    // Hash the given password (result is always the same).
+    const hash = createHash(password);
+    // Create a cipher.
+    const decipher = crypto.createDecipheriv(DEFAULT_CRYPTO_ALGO, hash, iv);
+    // Return the decrypted data using the newly created cipher.
+    return decipher.update(encrypted, HEX, UTF8) + decipher.final("utf8");
+};
+export const processFileWithPassword = async (options)=>{
+    const { encode , input , output , password  } = options;
+    const fileProcessor = encode ? encrypt : decrypt;
+    const data = await fs.readFile(input, DEFAULT_FILE_ENCODING);
+    if (output) {
+        // Save data to output file
+        await fs.outputFile(output, fileProcessor(password, data));
+    } else {
+        // Print to stdout directly
+        logger.log(fileProcessor(password, data));
+    }
+};
+/* istanbul ignore next */ export const displayConfirmation = async (message)=>{
+    const questions = {
+        default: true,
+        message: message || "Do you want to continue?",
+        name: "goodToGo",
+        type: "confirm"
+    };
+    logger.log();
+    const answers = await inquirer.prompt(questions);
+    return answers.goodToGo;
+};
+/* istanbul ignore next */ export const displayPromptWithPassword = async (message)=>{
+    const questions = {
+        message: message,
+        name: "password",
+        type: "password",
+        validate (value) {
+            if (!value) {
+                return "Password cannot be empty...";
+            }
+            return true;
+        }
+    };
+    const answers = await inquirer.prompt(questions);
+    return answers.password;
+};
+/* istanbul ignore next */ export const shouldContinue = (goodToGo)=>{
+    if (!goodToGo) {
+        logger.log("\nBye then!");
+        // eslint-disable-next-line unicorn/no-process-exit
+        process.exit(0);
+    }
+    return true;
+};
+
+//# sourceMappingURL=utilities.js.map

package/dist/utilities.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utilities.ts"],"sourcesContent":["import { Logger } from \"@node-cli/logger\";\nimport crypto from \"node:crypto\";\nimport fs from \"fs-extra\";\nimport inquirer from \"inquirer\";\n\nexport const logger = new Logger({\n\tboring: process.env.NODE_ENV === \"test\",\n});\n\nconst HEX = \"hex\";\nconst UTF8 = \"utf8\";\n\nconst DEFAULT_CRYPTO_ALGO = \"aes-256-ctr\";\nconst DEFAULT_HASH_ALGO = \"md5\";\nconst DEFAULT_BYTES_FOR_IV = 16;\nconst DEFAULT_FILE_ENCODING = UTF8;\n\n/**\n * Create an hexadecimal hash from a given string. The default\n * algorithm is md5 but it can be changed to anything that\n * crypto.createHash allows.\n * @param  {String} string            the string to hash\n * @param  {String} [algorithm='md5'] the algorithm to use or hashing\n * @return {String}                   the hashed string in hexa format\n */\nexport const createHash = (\n\tstring: string,\n\talgorithm: string = DEFAULT_HASH_ALGO\n): string => {\n\treturn crypto.createHash(algorithm).update(string, UTF8).digest(HEX);\n};\n\n/**\n * Encrypts a string or a buffer using AES-256-CTR\n * algorithm.\n * @param  {String} password a unique password\n * @param  {String} data     a string to encrypt\n * @return {String} the encrypted data in hexa\n *   encoding, followed by a dollar sign ($) and by a\n *   unique random initialization vector.\n */\nexport const encrypt = (password: string, data: string): string => {\n\t// Ensure that the initialization vector (IV) is random.\n\tconst iv = crypto.randomBytes(DEFAULT_BYTES_FOR_IV);\n\t// Hash the given password (result is always the same).\n\tconst key = createHash(password);\n\t// Create a cipher.\n\tconst cipher = crypto.createCipheriv(DEFAULT_CRYPTO_ALGO, key, iv);\n\t// Encrypt the data using the newly created cipher.\n\tconst encrypted = cipher.update(data, UTF8, HEX) + cipher.final(HEX);\n\t/*\n\t * Append the IV at the end of the encrypted data\n\t * to reuse it for decryption (IV is not a key,\n\t * it can be public).\n\t */\n\treturn `${encrypted}$${iv.toString(HEX)}`;\n};\n\n/**\n * Decrypts a string that was encrypted using the\n * AES-256-CRT algorithm via `encrypt`. It expects\n * the encrypted string to have the corresponding\n * initialization vector appended at the end, after\n * a dollar sign ($) - which was done via the\n * corresponding `encrypt` method.\n * @param  {String} password a unique password\n * @param  {String} data     a string to decrypt\n * @return {String}          the decrypted data\n */\nexport const decrypt = (password: string, data: string): string => {\n\t// Extract encrypted data and initialization vector (IV).\n\tconst [encrypted, ivHex] = data.split(\"$\");\n\t// Create a buffer out of the raw hex IV\n\tconst iv = Buffer.from(ivHex, HEX);\n\t// Hash the given password (result is always the same).\n\tconst hash = createHash(password);\n\t// Create a cipher.\n\tconst decipher = crypto.createDecipheriv(DEFAULT_CRYPTO_ALGO, hash, iv);\n\t// Return the decrypted data using the newly created cipher.\n\treturn decipher.update(encrypted, HEX, UTF8) + decipher.final(\"utf8\");\n};\n\n/**\n * Process a file with a given password. The file can be\n * encoded or decoded depending on the `encode` flag.\n * @param  {Boolean} encode   whether to encode or decode the file\n * @param  {String}  input    the input file path\n * @param  {String}  [output] the output file path\n * @param  {String}  password the password to use\n * @return {Promise}          a promise that resolves when\n *                            the file has been processed.\n */\nexport type ProcessFileOptions = {\n\tencode: boolean;\n\tinput: string;\n\toutput?: string;\n\tpassword: string;\n};\nexport const processFileWithPassword = async (\n\toptions: ProcessFileOptions\n): Promise<void> => {\n\tconst { encode, input, output, password } = options;\n\tconst fileProcessor = encode ? encrypt : decrypt;\n\tconst data = await fs.readFile(input, DEFAULT_FILE_ENCODING);\n\n\tif (output) {\n\t\t// Save data to output file\n\t\tawait fs.outputFile(output, fileProcessor(password, data));\n\t} else {\n\t\t// Print to stdout directly\n\t\tlogger.log(fileProcessor(password, data));\n\t}\n};\n\n/* istanbul ignore next */\nexport const displayConfirmation = async (message: string) => {\n\tconst questions = {\n\t\tdefault: true,\n\t\tmessage: message || \"Do you want to continue?\",\n\t\tname: \"goodToGo\",\n\t\ttype: \"confirm\",\n\t};\n\tlogger.log();\n\tconst answers = await inquirer.prompt(questions);\n\treturn answers.goodToGo;\n};\n\n/* istanbul ignore next */\nexport const displayPromptWithPassword = async (message: string) => {\n\tconst questions = {\n\t\tmessage: message,\n\t\tname: \"password\",\n\t\ttype: \"password\",\n\t\tvalidate(value: string) {\n\t\t\tif (!value) {\n\t\t\t\treturn \"Password cannot be empty...\";\n\t\t\t}\n\t\t\treturn true;\n\t\t},\n\t};\n\tconst answers = await inquirer.prompt(questions);\n\treturn answers.password;\n};\n\n/* istanbul ignore next */\nexport const shouldContinue = (goodToGo: boolean) => {\n\tif (!goodToGo) {\n\t\tlogger.log(\"\\nBye then!\");\n\t\t// eslint-disable-next-line unicorn/no-process-exit\n\t\tprocess.exit(0);\n\t}\n\treturn true;\n};\n"],"names":["Logger","crypto","fs","inquirer","logger","boring","process","env","NODE_ENV","HEX","UTF8","DEFAULT_CRYPTO_ALGO","DEFAULT_HASH_ALGO","DEFAULT_BYTES_FOR_IV","DEFAULT_FILE_ENCODING","createHash","string","algorithm","update","digest","encrypt","password","data","iv","randomBytes","key","cipher","createCipheriv","encrypted","final","toString","decrypt","ivHex","split","Buffer","from","hash","decipher","createDecipheriv","processFileWithPassword","options","encode","input","output","fileProcessor","readFile","outputFile","log","displayConfirmation","message","questions","default","name","type","answers","prompt","goodToGo","displayPromptWithPassword","validate","value","shouldContinue","exit"],"mappings":"AAAA,SAASA,MAAM,QAAQ,mBAAmB;AAC1C,OAAOC,YAAY,cAAc;AACjC,OAAOC,QAAQ,WAAW;AAC1B,OAAOC,cAAc,WAAW;AAEhC,OAAO,MAAMC,SAAS,IAAIJ,OAAO;IAChCK,QAAQC,QAAQC,IAAIC,aAAa;AAClC,GAAG;AAEH,MAAMC,MAAM;AACZ,MAAMC,OAAO;AAEb,MAAMC,sBAAsB;AAC5B,MAAMC,oBAAoB;AAC1B,MAAMC,uBAAuB;AAC7B,MAAMC,wBAAwBJ;AAE9B;;;;;;;CAOC,GACD,OAAO,MAAMK,aAAa,CACzBC,QACAC,YAAoBL,iBAAiB;IAErC,OAAOX,OAAOc,WAAWE,WAAWC,OAAOF,QAAQN,MAAMS,OAAOV;AACjE,EAAE;AAEF;;;;;;;;CAQC,GACD,OAAO,MAAMW,UAAU,CAACC,UAAkBC;IACzC,wDAAwD;IACxD,MAAMC,KAAKtB,OAAOuB,YAAYX;IAC9B,uDAAuD;IACvD,MAAMY,MAAMV,WAAWM;IACvB,mBAAmB;IACnB,MAAMK,SAASzB,OAAO0B,eAAehB,qBAAqBc,KAAKF;IAC/D,mDAAmD;IACnD,MAAMK,YAAYF,OAAOR,OAAOI,MAAMZ,MAAMD,OAAOiB,OAAOG,MAAMpB;IAChE;;;;EAIC,GACD,OAAO,CAAC,EAAEmB,UAAU,CAAC,EAAEL,GAAGO,SAASrB,KAAK,CAAC;AAC1C,EAAE;AAEF;;;;;;;;;;CAUC,GACD,OAAO,MAAMsB,UAAU,CAACV,UAAkBC;IACzC,yDAAyD;IACzD,MAAM,CAACM,WAAWI,MAAM,GAAGV,KAAKW,MAAM;IACtC,wCAAwC;IACxC,MAAMV,KAAKW,OAAOC,KAAKH,OAAOvB;IAC9B,uDAAuD;IACvD,MAAM2B,OAAOrB,WAAWM;IACxB,mBAAmB;IACnB,MAAMgB,WAAWpC,OAAOqC,iBAAiB3B,qBAAqByB,MAAMb;IACpE,4DAA4D;IAC5D,OAAOc,SAASnB,OAAOU,WAAWnB,KAAKC,QAAQ2B,SAASR,MAAM;AAC/D,EAAE;AAkBF,OAAO,MAAMU,0BAA0B,OACtCC;IAEA,MAAM,EAAEC,OAAM,EAAEC,MAAK,EAAEC,OAAM,EAAEtB,SAAQ,EAAE,GAAGmB;IAC5C,MAAMI,gBAAgBH,SAASrB,UAAUW;IACzC,MAAMT,OAAO,MAAMpB,GAAG2C,SAASH,OAAO5B;IAEtC,IAAI6B,QAAQ;QACX,2BAA2B;QAC3B,MAAMzC,GAAG4C,WAAWH,QAAQC,cAAcvB,UAAUC;IACrD,OAAO;QACN,2BAA2B;QAC3BlB,OAAO2C,IAAIH,cAAcvB,UAAUC;IACpC;AACD,EAAE;AAEF,wBAAwB,GACxB,OAAO,MAAM0B,sBAAsB,OAAOC;IACzC,MAAMC,YAAY;QACjBC,SAAS;QACTF,SAASA,WAAW;QACpBG,MAAM;QACNC,MAAM;IACP;IACAjD,OAAO2C;IACP,MAAMO,UAAU,MAAMnD,SAASoD,OAAOL;IACtC,OAAOI,QAAQE;AAChB,EAAE;AAEF,wBAAwB,GACxB,OAAO,MAAMC,4BAA4B,OAAOR;IAC/C,MAAMC,YAAY;QACjBD,SAASA;QACTG,MAAM;QACNC,MAAM;QACNK,UAASC,KAAa;YACrB,IAAI,CAACA,OAAO;gBACX,OAAO;YACR;YACA,OAAO;QACR;IACD;IACA,MAAML,UAAU,MAAMnD,SAASoD,OAAOL;IACtC,OAAOI,QAAQjC;AAChB,EAAE;AAEF,wBAAwB,GACxB,OAAO,MAAMuC,iBAAiB,CAACJ;IAC9B,IAAI,CAACA,UAAU;QACdpD,OAAO2C,IAAI;QACX,mDAAmD;QACnDzC,QAAQuD,KAAK;IACd;IACA,OAAO;AACR,EAAE"}

package/package.json

@@ -0,0 +1,38 @@
+{
+	"name": "@node-cli/secret",
+	"version": "1.0.0",
+	"license": "MIT",
+	"author": "Arno Versini",
+	"description": "Secret is a CLI tool that can encode or decode a file with a password",
+	"type": "module",
+	"types": "./dist/index.d.ts",
+	"exports": "./dist/secret.js",
+	"bin": {
+		"secret": "dist/secret.js"
+	},
+	"files": [
+		"dist"
+	],
+	"node": ">=16",
+	"scripts": {
+		"build": "yarn run clean && yarn run build:types && yarn run build:js && yarn run build:barrel",
+		"build:barrel": "barrelsby --delete --directory dist --pattern \"**/*.d.ts\" --name \"index.d\"",
+		"build:js": "swc --source-maps --out-dir dist src",
+		"build:types": "tsc",
+		"clean": "rimraf dist types coverage",
+		"lint": "prettier --write \"src/*.ts\" && eslint --fix \"src/*.ts\"",
+		"test": "cross-env-shell NODE_OPTIONS=--experimental-vm-modules TZ=UTC jest",
+		"test:coverage": "npm run test -- --coverage",
+		"watch": "swc --watch --out-dir dist src"
+	},
+	"dependencies": {
+		"@node-cli/logger": ">=1.0.0",
+		"@node-cli/parser": ">=2.0.0",
+		"fs-extra": "11.1.1",
+		"inquirer": "9.2.6"
+	},
+	"publishConfig": {
+		"access": "public"
+	},
+	"gitHead": "9c4baafbf51504c8b9ec3c8434f06be73bd2b23f"
+}