Cpass

Cpass is simplified secured password two-ways encryption sub package port for Gosip.
By default, Cpass uses Machine ID as an encryption key so a secret hash can only be decrypted on a machine where it was generated.
Cpass's approach is appropriate in local development scenarios. The main goal is "not to show raw secret while presenting a desktop" or "not to commit raw secret by an incident to code source".
Installation
go get github.com/koltyakov/gosip/cpass
Convertor
package main
​
import (
	"flag"
	"fmt"
​
	"github.com/koltyakov/gosip/cpass"
)
​
func main() {
​
	var rawSecret string
​
	flag.StringVar(&rawSecret, "secret", "", "Raw secret string")
	flag.Parse()
​
	crypt := cpass.Cpass("")
​
	secret, _ := crypt.Encode(rawSecret)
	fmt.Println(secret)
​
}
Encrypt secrets
go run ./ -secret "[email protected]$word"
#> -lywbAGD4iPYdJXDxLAQoMUbfBXBIQR2UZYl
When use result token/hash as a secret in private.json file(s).
From sandbox
Another option would be installing cpass from sandbox:
go install github.com/koltyakov/gosip-sandbox/samples/cpass
And using cpass as a CLI, with no parameters the secret can be provided in a masked form without keeping it in console history:
$ cpass
Password to encode: ********
poXx8zaJM6gLazPCtv4rMVLoTuzX_1BvYJlMAQqK

Utilities - Previous

Headers presets

Next - Utilities

Compatibility matrix

Last modified 2yr ago

Export as PDF

Copy link

On this page

Installation

Convertor

Encrypt secrets

From sandbox