npm stats
  • Search
  • About
  • Repo
  • Sponsor
  • more
    • Search
    • About
    • Repo
    • Sponsor

Made by Antonio Ramirez

secret-json

1.0.1

@mafintosh

npmHomeRepoSnykSocket
Downloads:8
$ npm install secret-json
DailyWeeklyMonthlyYearly

secret-json

Encrypt and decrypt JSON files with a secret key.

Uses libsodium's secret box (via sodium-native). Encrypted files are base64 with the nonce embedded, so a single file is all you need to decrypt.

npm install secret-json

Usage

The module is focused on reading. Pass it the contents of an encrypted file and your key and it returns the decrypted JSON.

const secretJSON = require('secret-json')
const fs = require('fs')

const key = process.env.SECRET_JSON_KEY // 32 byte key as hex or a buffer
const json = secretJSON(fs.readFileSync('./db.secret'), key)

console.log(json) // { user: 'admin', pass: 'hunter2' }

API

json = secretJSON(fileAsStringOrBuffer, key)

Decrypt a file and return the JSON. key is a 32 byte buffer or a hex string. Throws if the key is wrong or the file is corrupt. Also available as secretJSON.decrypt.

file = secretJSON.encrypt(json, key)

Encrypt a JSON value and return the file as a base64 string.

key = secretJSON.keygen()

Generate a new random 32 byte key as a buffer.

CLI

npm install -g secret-json

Generate a key and keep it somewhere safe

export SECRET_JSON_KEY=$(secret-json keygen)

Encrypt / decrypt a JSON file

secret-json encrypt config.json       # writes config.json.secret
secret-json decrypt config.json.secret

Or generate an encrypted file straight from key=value pairs with --entry, -e. It prints to stdout, so redirect it or pass --out, -o

secret-json generate -e user=admin -e pass=hunter2 > db.secret
secret-json generate -e user=admin -e pass=hunter2 -o db.secret

Every command takes --key, -k to pass a key inline instead of using $SECRET_JSON_KEY. Run secret-json --help for more.

License

Apache-2.0