tc-secrets 0.2.1

CLI tool to synchronize .env secrets with AWS Secrets Manager with encryption
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

use anyhow::Result;
use magic_crypt::{MagicCrypt256, MagicCryptTrait, new_magic_crypt};

use super::error::CliError;

pub struct Encryption {
    mcrypt: MagicCrypt256,
}

impl Encryption {
    pub fn new(password: String) -> Self {
        let mcrypt = new_magic_crypt!(password, 256);
        Encryption { mcrypt }
    }

    pub fn encrypt(&self, data: String) -> Result<String, CliError> {
        if data.is_empty() {
            return Ok("".to_string());
        }

        // encrypt content
        let encrypted_content = self.mcrypt.encrypt_str_to_base64(&data);

        if encrypted_content.is_empty() {
            Err(CliError::EncryptionError(
                "Encrypted content is empty".to_string(),
            ))
        } else {
            Ok(encrypted_content)
        }
    }

    pub fn decrypt(&self, data: String) -> Result<String, CliError> {
        if data.is_empty() {
            return Ok("".to_string());
        }

        // decrypt content
        let content = self
            .mcrypt
            .decrypt_base64_to_string(data)
            .map_err(|e| CliError::DecryptionError(e.to_string()))?;

        if content.is_empty() {
            Err(CliError::DecryptionError(
                "Decrypted content is empty".to_string(),
            ))
        } else {
            Ok(content)
        }
    }
}