Street Cred

Manage encrypted secrets for your applications.

Installation

As a command line tool:

cargo install street-cred

As a dependency of a Rust project:

cargo add street-cred

CLI Usage

Street Cred expects your encryption key to be in an environment variable named MASTER_KEY or in a file in the current directory named master.key.

# Initialize a new project with an encrypted secrets file and encryption key
street-cred init

# Edit existing file
street-cred edit secrets.txt.enc

Library Usage

You can also use Street Cred as a library for simple encryption/decryption in your own code.

use street_cred::FileEncryption;

let file_path = String::from("secrets.txt.enc");
let encryption_key = String::from("425D76994EE6101105DDDA2EE2604AA0");
let file_encryption = FileEncryption::new(file_path, encryption_key);

if let Some(decrypted_contents) = file_encryption.decrypt() {
  // do something with decrypted_contents
};

Inpsiration

Seeing how Ruby on Rails allowed storing encrypted secrets along side existing application code, I wanted this same capability without the Ruby/Rails requirement. This cli app and library allow developers to use the same pattern of storing encrypted secrets in repositories.

Security Notes

You should ensure that you never commit or track your encryption key in your repository if you choose to use this code to store encrypted secrets in a code repository. You can set up git to ignore both the encryption key and unencrypted file to ensure they are never committed.

Here's a sample gitignore setup that assumes a key stored in master.key and encrypted secrets in secrets.txt.enc:

# .gitignore
master.key
secrets.txt