New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fixes for #3 and #4 #10
Conversation
DOC: How to install and run secure-env locally
Thank you @fryl0ch for rasing the PR which could potentially fix multiple issues. I will be reviewing this shortly. |
TODO:test the contents of openssl_list-cipher-algorithms.csv against 16/32 iv/key.length append iv.length,key.length cells per algo validate iv/key.length against regex /([0-9]+)-([0-9]+)/ for acceptable ranges? add NaCl salt is good
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Once again thanks @fryl0ch for raising this PR. I have requested a few changes which I think are mandatory before I merge this branch to master.
const encryptionAlgo = options.encryptionAlgo || 'aes192' | ||
const encryptionAlgo = options.encryptionAlgo || 'aes256' | ||
const ivLength = options.ivLength || 16 | ||
// presumably createCipheriv() should work for all the algo in ./openssl_list-cipher-algorithms.csv with the right key/iv length |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume this is with reference to the gist: https://gist.github.com/reggi/4459803.
Please mention the source link over here and remove the file ./openssl_list-cipher-algorithms.csv
from lib
folder, as the file is not used anywhere within our code and it's only there for reference purpose.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is the output of the shell command
$ openssl list-cipher-algorithms
depending on the installed version of openSSL, more or less algorithms will (probably) be available
note with openSSL 1.1.1 i have to use
$ openssl enc -ciphers
to get a list
#2 might be related to this, but i can only speculate
lib/cli.js
Outdated
@@ -14,4 +15,6 @@ const encryptionAlgo = argv.algo || argv.a | |||
|
|||
const cryptography = require('./cryptography') | |||
|
|||
cryptography.encrypt({ secret, inputFile, outputFile, encryptionAlgo }) | |||
|
|||
if (argv.decrypt || argv.d) console.log(cryptography.decrypt({secret, outputFile, encryptionAlgo})) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use
const log = require('./utils/log')
log('your message', 'info')
instead of console.log
.
@@ -79,7 +79,8 @@ $ secure-env --option <VALUE> <file-path-which-is-to-be-encrypted> | |||
| ------ | ------ | ------ | | |||
| --secret <secretKey> | Specify the secret Key which would be later used to decrypt the file. | `mySecret` | | |||
| --out <file-path> | The encrypted file path that would be created. | `env.enc` | | |||
| --algo <algoName> | The encryption algorithm that is to be used to encrypt the env file. | `aes192` | | |||
| --algo <algoName> | The encryption algorithm that is to be used to encrypt the env file. | `aes256` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since this is a breaking change upgrading the package.json
version to 1.2.0 makes sense. Can you please make the required changes to package.json too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All looks good. Merging this PR and marking all the related issues as resolved.
potentially breaking changes: