Manage encrypted secrets for your applications.
As a command line tool:
cargo install street-cred
As a dependency of a Rust project:
cargo add street-cred
Street Cred expects your encryption key to be in an environment variable named
MASTER_KEY
or in a file in the current directory named master.key
.
# Initialize a new project with an encrypted secrets file and encryption key
street-cred init
# Edit existing file
street-cred edit secrets.txt.enc
You can also use Street Cred as a library for simple encryption/decryption in your own code.
use street_cred::FileEncryption;
let file_path = String::from("secrets.txt.enc");
let encryption_key = String::from("425D76994EE6101105DDDA2EE2604AA0");
let file_encryption = FileEncryption::new(file_path, encryption_key);
if let Some(decrypted_contents) = file_encryption.decrypt() {
// do something with decrypted_contents
};
Seeing how Ruby on Rails allowed storing encrypted secrets along side existing application code, I wanted this same capability without the Ruby/Rails requirement. This cli app and library allow developers to use the same pattern of storing encrypted secrets in repositories.
You should ensure that you never commit or track your encryption key in your repository if you choose to use this code to store encrypted secrets in a code repository. You can set up git to ignore both the encryption key and unencrypted file to ensure they are never committed.
Here's a sample gitignore setup that assumes a key stored in master.key
and
encrypted secrets in secrets.txt.enc
:
# .gitignore
master.key
secrets.txt