Read and write secure encrypted files
$ npm i pemcrypt --save
Require. Show me some CommonJS/Modules love!
var pemcrypt = require'pemcrypt';
The goal of
pemcrypt is to allow you to commit sensible environment configuration values in an encrypted manner to source control. All you need to do then, is get the private key originally used to encrypt a file, and you're good to go.
Ideally, this would only be used for development configuration values. You would distribute a
.pemjson file with your module, and give the private key to decrypt the file to your contributors. The upside is that you won't need to give them a new
.json file every time a value needs to change, but rather just encrypt it again, and push the new
Make sure you add
*.pem, and whatever the decrypted JSON filename is to your
.gitignore. Commiting either of those would defeat the entire purpose of this module.
.pem file the first time around. You can save it wherever you won't, but don't ever commit it to source control.
This method also returns the pem key right away if you want it for some reason.
Creates a pemcrypt
store object. This will be used to
decrypt our files. This function will look for a
.pem file and load it immediately, throwing if one isn't found.
var store = pemcryptpem: pemfile // same one used to generate the keycwd: __dirname // defaults to process.cwd();
Encrypts a raw
.json file. This method will take a file path relative to
cwd, without the
.json extension. The
persist parameter will determine whether the results are dumped to an encrypted
.pemjson file next to the
This method is synchronous and returns the encrypted data, too.
var pemjson = storeencrypt'env/defaults';console.logpemjson; // garbage
Decrypts an encrypted
.pemjson file. This method will take a file path relative to
cwd, without the
.pemjson extension. The
persist parameter will determine whether the results are dumped to a decrypted
.json file next to the
This method is synchronous and returns the decrypted data, too.
var json = storedecrypt'env/defaults';console.logjson; // data!