Skip to content

jurisk/crypto

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Crypto Build Status Coverage Status version

A library that facilitates decrypting passwords using an application secret stored in a Typesafe Config file.

When combined with an approach where the config file used is provided upon deployment and dynamically selected based on an environment variable it helps to avoid storing sensitive passwords in source control, while still allowing development configurations to be stored in source control.

Partially based on code from the Play! framework.

How to use

Add the following resolver

resolvers += Resolver.bintrayRepo("evolutiongaming", "maven")

Add the library to your dependencies list

libraryDependencies += "com.evolutiongaming" %% "crypto" % "1.2-SNAPSHOT"

Create an application config file environments/default.conf:

encryptedPasswords = true
application {
  secret = "abcdefghijklmnop" // only for example purposes, you should use a strong randomly generated secret
}

password = "2-DpBV9t/8a19P5o0fohf//Lpup8DF" // use com.evolutiongaming.crypto.Encrypt app to encrypt

Use the library as follows

import com.evolutiongaming.crypto.DecryptConfig
import com.typesafe.config.ConfigFactory

val environmentKey = "ENVIRONMENT"
val environment = System.getenv(environmentKey).orElse(sys.props.get(environmentKey).getOrElse("default")) // select the environment to use
val config = ConfigFactory.parseResourcesAnySyntax(s"environments/$environment") // load the config file

val password = config.getString("password") // the encrypted password to decrypt
val decrypted = DecryptConfig(password, config) // decrypting the password 

// now you can use the decrypted value to authenticate to external services

Examples

For more examples you can review DecryptConfigSpec.

Packages

No packages published

Languages

  • Scala 100.0%