3 unstable releases
Uses new Rust 2024
| new 0.2.1 | May 23, 2025 |
|---|---|
| 0.2.0 | May 23, 2025 |
| 0.1.0 | May 23, 2025 |
#281 in Parser implementations
42 downloads per month
32KB
125 lines
json-simple-obfuscator
A tool to partially hide json value (using unsecure pseudonimize / obfuscate algo).
Goals / Use-cases
- Hide sensitive values into samples json used for test, demo
- Hide values also when present as part of an other string
- Idempotent and constant:
apply(a.json) == apply(apply(apply(.... (apply(a.json))))), so it could be used as part of pre-commit hook, build stage,... - DO NOT use it to encrypt secrets,...
A simple algorithm
{
"a": "Hello",
"id": 123456,
"details": {
"user": "johnD",
"name": "John Doe",
"url": "http://example.com/item/123456"
}
}
becomes
{
"a": "Hello",
"id": 111111,
"details": {
"user": "aaaaA",
"name": "Aaaa Aaa",
"url": "http://example.com/item/111111"
}
}
- Collect values (string or number) of "sensitive" fields.
the "sensitive" fields are field named(in lowercase):
id,_id,*token,*password,*secret,user,*name, ` - For each value, compute the replacement value
- for number, replace every digit by
1(preserve the number of digit, dot & comma) - for string, replace lowercase by
aand uppercase byA, digit by1(preserve other caracteres: )
- for number, replace every digit by
- Search collected values, and replace by the computed replacement into the json as text (to preserve structure, order, comment for json5/jsonc, ...)
Possible feature (on-demand)
Feedback, PR and feature request are welcomes. By example:
- Option to provide the list of sensitive fields
- Option to exclude some field name form the sensitive pattern
- Option to provide fixed replacement (using a lookup table)
- Option to compute replacement for different alphabet, emoji, ...
- Option to use random replacement (and break the idempotency)
Dependencies
~1.6–2.7MB
~50K SLoC