README
¶
confcrypt 
Encrypt your sensitive data in config file and decrypt it at runtime.
Get
go get -u "github.com/WqyJh/confcrypt"
Usage
Use any random string as your config key.
Use EncryptString to encrypt all of your sensitive data one by one.
var (
key = "12345678"
)
func TestEncrypt(t *testing.T) {
plain := "hello"
encrypted, err := confcrypt.EncryptString(plain, key)
assert.NoError(t, err)
t.Logf("encrypted: '%s'", encrypted)
decrypted, err := confcrypt.Decrypt(encrypted[4:], key)
assert.NoError(t, err)
t.Logf("decrypted: '%s'", decrypted)
}
func TestDecrypt(t *testing.T) {
encrypted := "ENC~tSbCaeksELsWsw9+eXADFTRONqOTiPkL6q5yRW8Wp4Um"
decrypted, err := confcrypt.Decrypt(encrypted[4:], key)
assert.NoError(t, err)
t.Logf("decrypted: '%s'", decrypted)
}
Replace all of your sensitive data in your config with the encrypted string, which should start with ENC~.
And use Decrypt to decrypt the encrypted string without ENC~ prefix.
It's recommended to use Decode to decrypt all encrypted string fields in a struct.
For example, assume you have config struct as below:
type AppConfig {
Id string
Secret string
}
type Config struct {
User string
Password string
App AppConfig
}
You load it from config file and got:
cfg := Config{
User: "foo",
Password: "ENC~xxxxxxxxxxxxxxxxxxxxx",
App: AppConfig{
Id: "bar",
Secret: "ENC~yyyyyyyyyyyyyyyyyyyy",
},
}
Then use Decode to decrypt the encrypted fields including Password and Secret.
result, err := confcrypt.Decode(&cfg, key)
// result.Password is decrypted
// result.App.Secret is decrypted
License
Released under the MIT License.
Documentation
¶
Overview ¶
Package confcrypt provides a simple interface for encrypting and decrypting your config.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
ErrInvalidCipherText = errors.New("invalid text to decrypt")
)
Functions ¶
func Decode ¶
Decode decrypts the encrypted string fields start with `ENC~` in fields tree of obj and returns the decrypted obj.
Types ¶
This section is empty.
Source Files