Merge branch '2-dev'

package.json

@@ -1,6 +1,6 @@
 {
   "name": "kuzzle-vault",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Share and version sensitive data with your team by using cryptography.",
   "main": "build/src/index.js",
   "types": "build/src/index.d.ts",
@@ -25,7 +25,9 @@
     "url": "https://github.com/kuzzleio/kuzzle-vault/issues"
   },
   "homepage": "https://github.com/kuzzleio/kuzzle-vault#readme",
-  "dependencies": {},
+  "dependencies": {
+    "yaml": "^1.10.0"
+  },
   "devDependencies": {
     "@types/mocha": "^7.0.2",
     "@types/mock-fs": "^4.10.0",

src/Cryptonomicon.ts

@@ -56,25 +56,27 @@ export default class Cryptonomicon {
    *
    * @returns {Object} Object with decrypted values
    */
-  decryptObject (encryptedSecrets: any, path?: string): {} {
-    const secrets: any = {};
+  decryptObject (encryptedSecrets: any): {} {
+    if (Array.isArray(encryptedSecrets)) {
+      const secrets: any = [];
+
+      for (const value of Object.values(encryptedSecrets)) {
+        secrets.push(
+          typeof value === 'string'
+            ? this.decryptString(value)
+            : this.decryptObject(value)
+        );
+      }
 
-    for (const key of Object.keys(encryptedSecrets)) {
-      const value: string|any = encryptedSecrets[key];
+      return secrets;
+    }
 
-      const currentPath = [path, key].filter(e => e).join('.');
+    const secrets: any = {}
 
-      if (value && typeof value === 'object' && !Array.isArray(value)) {
-        secrets[key] = this.decryptObject(value, currentPath);
-      }
-      else if (typeof value === 'string') {
-        try {
-          secrets[key] = this.decryptString(value);
-        }
-        catch (error) {
-          throw new Error(`Error when decrypting "${currentPath}": ${error.message}`);
-        }
-      }
+    for (const [key, value] of Object.entries(encryptedSecrets)) {
+      secrets[key] = typeof value === 'string'
+        ? this.decryptString(value)
+        : this.decryptObject(value);
     }
 
     return secrets;

src/Vault.ts

@@ -21,8 +21,11 @@
 
 'use strict';
 
-import * as fs from 'fs'
-import Cryptonomicon from './Cryptonomicon'
+import * as fs from 'fs';
+
+import * as YAML from 'yaml';
+
+import Cryptonomicon from './Cryptonomicon';
 
 export default class Vault {
   public cryptonomicon: Cryptonomicon;
@@ -54,7 +57,16 @@ export default class Vault {
     this.secrets = {};
   }
 
-  decrypt (encryptedVaultPath: string): void {
+  /**
+   * Decrypt the provided file with the vault key
+   *
+   * @param encryptedVaultPath Path to the encrypted file
+   * @param options
+   *   - `format`: encrypted file format, either `json` (default) or `yaml`
+   */
+  decrypt (encryptedVaultPath: string, options?: { format?: 'json' | 'yaml' }): {} {
+    const { format } = options || { format: 'json' };
+
     if (this.cryptonomicon.emptyKey) {
       throw new Error('No Vault key provided');
     }
@@ -63,16 +75,19 @@ export default class Vault {
       throw new Error(`Unable to find vault at "${encryptedVaultPath}"`);
     }
 
+    const parser = format === 'json' ? JSON.parse : YAML.parse;
+
     let encryptedSecrets;
     try {
-      encryptedSecrets = JSON.parse(fs.readFileSync(encryptedVaultPath, 'utf-8'));
-
+      encryptedSecrets = parser(fs.readFileSync(encryptedVaultPath, 'utf-8'));
     }
     catch (error) {
       throw new Error(`Cannot parse encrypted secrets from file "${encryptedVaultPath}": ${error.message}`);
     }
 
     this.secrets = this.cryptonomicon.decryptObject(encryptedSecrets);
+
+    return this.secrets;
   }
 }