Skip to content

jihyunlab/secret-cli

BranchesTags

Repository files navigation

@jihyunlab/secret-cli

Version Downloads Last commit License Linter code style: prettier
Build Lint codecov

@jihyunlab/secret-cli is a command-line interface tool developed for encrypting .env files.

@jihyunlab/secret-cli encrypts .env files, which can be decrypted by @jihyunlab/secret and @jihyunlab/web-secret depending on the runtime environment.

The encryption function is implemented with @jihyunlab/secret and provides encryption for AES 256 GCM.

Installation

npm i -g @jihyunlab/secret-cli

Usage

secret --help
Usage: secret [options] [command]

JihyunLab Secret CLI

Options:
  -V, --version                output the version number
  -h, --help                   display help for command

Commands:
  encrypt|e [options] <input>  encrypt a file
  decrypt|d [options] <input>  decrypt a file
  help [command]               display help for command

Usage (help):
  secret encrypt --help
  secret decrypt --help

Usage (.env encryption):
  secret encrypt --env .env --out .env.enc
  secret encrypt --env .env --key ENV_KEY --out .env.enc

Usage (.env decryption):
  secret decrypt --env .env.enc --out .env.dec
  secret decrypt --env .env.enc --key ENV_KEY --out .env.dec

Encrypting .env file

Encryption of .env files is based on the following .env file.

ENV_KEY=ENV_VALUE
ENV_KEY_1=ENV_VALUE_1
ENV_KEY_2=ENV_VALUE_2

Encrypting all keys

Encrypt all key values in the .env file by directly entering the separately managed encryption key.

secret encrypt --env .env --secret YourSecretKey --out .env.enc
Input: .env
Output: .env.enc

Encryption process:
- Using input secret
- ENV_KEY ... [OK]
- ENV_KEY_1 ... [OK]
- ENV_KEY_2 ... [OK]
- Encryption completed successfully

Summary:
- Using input secret
- Overwriting existing file
- .env encrypted to .env.enc

ENV_KEY=5b47faa38e6a9cb2fd65b34dff0a9befc67d77bc6a4a352c28534fed195dfd9ca1f9917af8
ENV_KEY_1=d37f8e719afed09d28c19f7b29c42398f5b942623e23082532cd5bc6bcf75625bf73a4104e38a7
ENV_KEY_2=3e49f6218bb1220e10d3d4165ef60a0ad43499371ba7d1142d2f65b142c5b96d3dc3a2f0b97244

Encrypting a specific key

Encrypt specific key values in the .env file.

secret encrypt --env .env --secret YourSecretKey --key ENV_KEY --out .env.enc
Input: .env
Output: .env.enc

Encryption process:
- Using input secret
- ENV_KEY ... [OK]
- ENV_KEY_1 ... [Skipped]
- ENV_KEY_2 ... [Skipped]
- Encryption completed successfully

Summary:
- Using input secret
- Overwriting existing file
- .env encrypted to .env.enc

ENV_KEY=392b8b61b81df7a473869447041520d939c30e59e43181fdbbf8e909d9092481d772c1efd7
ENV_KEY_1=ENV_VALUE_1
ENV_KEY_2=ENV_VALUE_2

You can encrypt multiple specific key values at once.

secret encrypt --env .env --secret YourSecretKey --key ENV_KEY_1 --key ENV_KEY_2 --out .env.enc
Input: .env
Output: .env.enc

Encryption process:
- Using input secret
- ENV_KEY ... [Skipped]
- ENV_KEY_1 ... [OK]
- ENV_KEY_2 ... [OK]
- Encryption completed successfully

Summary:
- Using input secret
- Overwriting existing file
- .env encrypted to .env.enc

ENV_KEY=ENV_VALUE
ENV_KEY_1=7839546c9ae8f8bac1031f48b0377a7275b24f3da127deb8bc828deee6d5ac9c29eb72abcb9ee3
ENV_KEY_2=3ab27ab3d0e7f53a001378daa2f8387633f2688d28775bcda5921792142ea1b8359fb0725da659

Decryption

You can decrypt the encrypted .env file using the same method as encryption.

secret decrypt --env .env.enc --secret YourSecretKey --key ENV_KEY --out .env.dec
Input: .env.enc
Output: .env.dec

Decryption process:
- Using input secret
- ENV_KEY ... [OK]
- ENV_KEY_1 ... [Skipped]
- ENV_KEY_2 ... [Skipped]
- Decryption completed successfully

Summary:
- Using input secret
- Overwriting existing file
- .env.enc decrypted to .env.dec

ENV_KEY=ENV_VALUE
ENV_KEY_1=ENV_VALUE_1
ENV_KEY_2=ENV_VALUE_2

Encryption key

If you register JIHYUNLAB_SECRET_KEY in system or user environment variables, it will be used as the encryption key during encryption.

export JIHYUNLAB_SECRET_KEY=YourSecretKey

You can encrypt all key values in the .env file using the encryption key registered in the environment variables.

secret encrypt --env .env --out .env.enc

Input: .env
Output: .env.enc

Encryption process:
- Using JIHYUNLAB_SECRET_KEY
- ENV_KEY ... [OK]
- ENV_KEY_1 ... [OK]
- ENV_KEY_2 ... [OK]
- Encryption completed successfully

Summary:
- Using JIHYUNLAB_SECRET_KEY
- Overwriting existing file
- .env encrypted to .env.enc

ENV_KEY=8c22dbcce705a1b95df2c7841f6735eba5d91bcecf1c1132ec35fd5a976dd8556763649075
ENV_KEY_1=17022b50356a3da6bad09e8012830a7078058796fcd75c594a180802320b009385761c7ce66208
ENV_KEY_2=f4d96b31dbbace4bd769c30a430da7f142c4fa058c565a80d2fb3e101cca29c0f8bfc106076aaa

@jihyunlab/secret

@jihyunlab/secret implements the .env decryption functionality for Node.js applications.

To decrypt the encrypted .env file from @jihyunlab/secret-cli in a Node.js application, you can install and use @jihyunlab/secret.

npm i @jihyunlab/secret
import { Env } from '@jihyunlab/secret';

const cipher = await Env.createCipher();
const value = await cipher.decrypt(process.env.ENV_KEY);

@jihyunlab/web-secret

@jihyunlab/web-secret implements the .env decryption functionality for web applications.

To decrypt the encrypted .env file from @jihyunlab/secret-cli in a web application, you can install and use @jihyunlab/web-secret.

npm i @jihyunlab/web-secret
import { CIPHER, Env } from '@jihyunlab/web-secret';

const cipher = await Env.createCipher(CIPHER.AES_256_GCM, 'YourSecretKey');
const value = await cipher.decrypt(process.env.ENV_KEY);

Credits

Authored and maintained by JihyunLab <info@jihyunlab.com>

License

Open source licensed as MIT.

About

JihyunLab Secret CLI.

Topics

cli crypto encryption cipher secret env decryption

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages