This tool is a personal safe.
You can download the binaries:
- Architecture i386 [ linux / darwin / freebsd / netbsd / openbsd / windows ]
- Architecture amd64 [ linux / darwin / freebsd / netbsd / openbsd / windows ]
- Architecture arm [ linux / freebsd / netbsd ]
Enigma's configuration uses the TOML format. The file is located at $HOME/.config/enigma/enigma.toml.
To use Amazon KMS:
- Create a KMS key via the AWS Console and store its ID (a UUID)
- Set up the AWS region
- Set it up in the configuration file:
[kms]
region = "eu-west-1"
keyID = "xxxx-xxxx-xxxx"
- Set it up in the configuration file:
[s3]
region = "eu-west-1"
bucket = "my-enigma-bucket"
- Initialize your bucket in S3:
$ enigma bucket --debug create
Create bucket
2016/01/14 23:45:10 [DEBUG] Amazon S3 Create bucket : cdcdscsdcsd
2016/01/14 23:45:11 [DEBUG] Amazon S3 { Location: "http://cdcdscsdcsd.s3.amazonaws.com/" }
Bucket successfully created
Specify the email to use with your public key:
[gpg]
email = "foo.bar@gmail.com"
- Set it up in the configuration file:
[boltdb]
file = "/tmp/enigma.db"
bucket = "enigma"
- Create your bucket:
$ enigma bucket --debug create
2016/01/14 23:57:11 Create /tmp/enigma
Create bucket
Bucket successfully created
# enigma.toml
# Encryption provider
backend = "gpg"
# Storage backend
storage = "boltdb"
[gpg]
email = "foo.bar@gmail.com"
[kms]
region = "eu-west-1"
keyID = "xxxx-xxxx-xxxx"
[aes]
key = "abcdefghijklmnop"
[s3]
region = "eu-west-1"
bucket = "mybucket"
[boltdb]
file = "/tmp/enigma.db"
bucket = "enigma"
- List all secrets:
$ enigma secret list
List secrets :
- Store a new secret:
$ enigma secret --key="mysecret" --text="mypassword" put
Store secret text mypassword with key mysecret
Successfully uploaded data with key mysecret
$ enigma secret list
List secrets :
- mysecret
- Retrieve a secret:
$ enigma secret --key="mysecret" get
Retrive secret text for key : mysecret
Decrypted: mypassword
- Store a new secret:
$ enigma secret --debug --key="nicolas" --text="mypassword" put
2016/01/14 23:08:04 [DEBUG] Init BoltDB storage : /tmp/enigma.db
Store secret text mypassword with key nicolas
2016/01/14 23:08:04 [DEBUG] GPG Open public keyring /home/nlamirault/.gnupg/pubring.gpg
2016/01/14 23:08:04 [DEBUG] GPG Read public keyring
2016/01/14 23:08:04 [DEBUG] GPG Search key into keyring using nicolas.lamirault@gmail.com
2016/01/14 23:08:04 [DEBUG] Put : nicolas -----BEGIN PGP MESSAGE-----
[...]
4AHkPJd4QQaimnFACYR8pTeEUuEgOODO4Arhwt/gDOKYMAIv4ILjI5qsqqWR+qjg
zOF8/+Dp5GSbF7vp19ilGb8OubCpgHTiL/fIquGi8AA=
=9agp
-----END PGP MESSAGE-----
Successfully uploaded data with key nicolas
- Retrieve a secret:
$ bin/enigma secret --debug --key="nicolas" get
2016/01/14 23:10:06 [DEBUG] Init BoltDB storage : /tmp/enigma.db
Retrive secret text for key : nicolas
2016/01/14 23:10:06 [DEBUG] Search entry with key : nicolas
2016/01/14 23:10:06 [DEBUG] GPG Search key into keyring using nicolas.lamirault@gmail.com
GPG Passphrase:
2016/01/14 23:10:11 [DEBUG] GPG Decrypting private key using passphrase
2016/01/14 23:10:11 [DEBUG] GPG Finished decrypting private key using passphrase
Decrypted: mypassword
- Initialize the environment:
$ make init
- Build the tool:
$ make build
- Launch unit tests:
$ make test
See CONTRIBUTING.
See LICENSE for the complete license.
A changelog is available.
Nicolas Lamirault <nicolas.lamirault@gmail.com>