diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 5c1df9b..84a11cf 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -22,7 +22,7 @@ Think about environment setup. About linter : - locally ESLint 9.0 is used as dev dependencies and rely on `eslint.config.js` ([doc](https://eslint.org/docs/latest/use/configure/configuration-files)) - - on Github PR, [HoundCi service](https://houndci.com) is triggered and rely on [`.hound.yml`](../.hound.yml) file and derived file. HoundCi is yet not compatible with 9.0 config file ([src](http://help.houndci.com/en/articles/2461415-supported-linters) - [eslint 8.0 config file doc](https://eslint.org/docs/v8.x/use/configure/configuration-files). + - on GitHub PR, [HoundCi service](https://houndci.com) is triggered and rely on [`.hound.yml`](../.hound.yml) file and derived file. HoundCi is yet not compatible with 9.0 config file ([src](http://help.houndci.com/en/articles/2461415-supported-linters) - [eslint 8.0 config file doc](https://eslint.org/docs/v8.x/use/configure/configuration-files). # Maintainer HowTos ## HowTo create a fresh version diff --git a/README.md b/README.md index bb76544..889ebe0 100644 --- a/README.md +++ b/README.md @@ -211,19 +211,19 @@ Optional ssl related options ### mongodump options -| option | env | required | default value | description | -|--------------------------|------------------------|----------|-------------------------|-----------------------------------------------------------------------| -| `path` | `MT_PATH` | false | `backup` | dump target directory, created if it doesn't exist | -| `dumpCmd ` | `MT_MONGODUMP` | false | `mongodump` | mongodump binary | -| `fileName` | `MT_FILENAME` | false | `` | dump target filename | -| `encrypt` | | false | false | encrypt the dump using secret | -| `secret` | `MT_SECRET` | false | null | secret to use if encrypt is enabled | -| `encryptSuffix` | | false | `.enc` | encrypt file suffix | -| `includeCollections` | | false | (none) | **Deprecated** - please use `collection` | -| `collection` | `MT_COLLECTION` | false | (none) | Collection to include, if not specified all collections are included | -| `excludeCollections` | `MT_EXCLUDE_COLLECTIONS` | false | (none) | Collections to exclude, if not specified all collections are included | -| `numParallelCollections` | | false | 4 | Number of collections mongodump should export in parallel. | -| `viewsAsCollections` | | false | false | When specified, mongodump exports read-only views as collections. | +| option | env | required | default value | description | +|--------------------------|------------------------|----------|-------------------------|------------------------------------------------------------------------------| +| `path` | `MT_PATH` | false | `backup` | dump target directory, created if it doesn't exist | +| `dumpCmd ` | `MT_MONGODUMP` | false | `mongodump` | mongodump binary | +| `fileName` | `MT_FILENAME` | false | `` | dump target filename | +| `encrypt` | | false | false | encrypt the dump using secret | +| `secret` | `MT_SECRET` | false | null | secret to use if encrypt is enabled (aes-256-ctr require 32 byte length key) | +| `encryptSuffix` | | false | `.enc` | encrypt file suffix | +| `includeCollections` | | false | (none) | **Deprecated** - please use `collection` | +| `collection` | `MT_COLLECTION` | false | (none) | Collection to include, if not specified all collections are included | +| `excludeCollections` | `MT_EXCLUDE_COLLECTIONS` | false | (none) | Collections to exclude, if not specified all collections are included | +| `numParallelCollections` | | false | 4 | Number of collections mongodump should export in parallel. | +| `viewsAsCollections` | | false | false | When specified, mongodump exports read-only views as collections. | Simple example: ``` diff --git a/lib/MTEncrypt.js b/lib/MTEncrypt.js index e39dd18..c2fbd05 100644 --- a/lib/MTEncrypt.js +++ b/lib/MTEncrypt.js @@ -2,6 +2,7 @@ import fs from 'fs'; import crypto from 'crypto'; const algorithm = 'aes-256-ctr'; +const expectedKeyLength = 32;// aes-256-ctr require 32 byte length key const iv = "NODE-MONGOTOOLS_";// crypto.randomBytes(16); // credit - July 30, 2020 - Atta : https://attacomsian.com/blog/nodejs-encrypt-decrypt-data @@ -9,6 +10,9 @@ class MTEncrypt { encrypt(source, destination, secretKey, removeSource = true) { return new Promise(resolve => { + if (!secretKey || secretKey.length !== expectedKeyLength) { + throw new Error(`Encrypt algorithm ${algorithm} require a secret key having ${expectedKeyLength} length`); + } // input file const inStream = fs.createReadStream(source); // encrypt content