Search…
Cpass
πŸ” Simple secure string password convertor
Cpass is simplified secured password two-ways encryption sub package port for Gosip.
By default, Cpass uses Machine ID as an encryption key so a secret hash can only be decrypted on a machine where it was generated.
Cpass's approach is appropriate in local development scenarios. The main goal is "not to show raw secret while presenting a desktop" or "not to commit raw secret by an incident to code source".

Installation

1
go get github.com/koltyakov/gosip/cpass
Copied!

Convertor

1
package main
2
​
3
import (
4
"flag"
5
"fmt"
6
​
7
"github.com/koltyakov/gosip/cpass"
8
)
9
​
10
func main() {
11
​
12
var rawSecret string
13
​
14
flag.StringVar(&rawSecret, "secret", "", "Raw secret string")
15
flag.Parse()
16
​
17
crypt := cpass.Cpass("")
18
​
19
secret, _ := crypt.Encode(rawSecret)
20
fmt.Println(secret)
21
​
22
}
Copied!

Encrypt secrets

1
go run ./ -secret "[email protected]$word"
2
#> -lywbAGD4iPYdJXDxLAQoMUbfBXBIQR2UZYl
Copied!
When use result token/hash as a secret in private.json file(s).

From sandbox

Another option would be installing cpass from sandbox:
1
go install github.com/koltyakov/gosip-sandbox/samples/cpass
Copied!
And using cpass as a CLI, with no parameters the secret can be provided in a masked form without keeping it in console history:
1
$ cpass
2
Password to encode: ********
3
poXx8zaJM6gLazPCtv4rMVLoTuzX_1BvYJlMAQqK
Copied!
Last modified 1yr ago