EncryptedConfigValue.Net.Cli
1.0.1
See the version list below for details.
dotnet tool install --global EncryptedConfigValue.Net.Cli --version 1.0.1
dotnet new tool-manifest # if you are setting up this repo dotnet tool install --local EncryptedConfigValue.Net.Cli --version 1.0.1
#tool dotnet:?package=EncryptedConfigValue.Net.Cli&version=1.0.1
nuke :add-package EncryptedConfigValue.Net.Cli --version 1.0.1
EncryptedConfigValue.NET
In sync with encrypted-config-value v5.2.0 (a104ddefd48e2fb322f5db205f7c93f0ad4ae1d7)
EncryptedConfigValue.NET
is a .NET implementation of the Palantir's encrypted-config-value
library.
This repository provides tooling for encrypting certain configuration parameter values in ASP.NET Core apps. This defends against accidental leaks of sensitive information such as copy/pasting a config file.
EncryptedConfigValue.AspNetCore
A EncryptedConfigValue.AspNetCore
package provides a way of using encrypted values in your ASP.NET Core appsettings.json files.
Currently supported algorithms:
- AES: (AES/GCM/NoPadding) with random IV
- RSA
Install from NuGet:
Install-Package EncryptedConfigValue.Net.AspNetCore
To use in your app:
// If needed, set environment variable, default is var/conf/encrypted-config-value.key
my-application$ export encrypted_config_value.config.key_path=conf/encrypted-config-value.key
// appsettings.json
{
"Encrypted": "${enc:INNv4cGkVF45MLWZhgVZdIsgQ4zKvbMoJ978Es3MIKgrtz5eeTuOCLM1vPbQm97ejz2EK6M=}",
}
// Program.cs
using EncryptedConfigValue.AspNetCore;
using EncryptedConfigValue.Crypto;
// Optionally you can set environment variable in application
// Environment.SetEnvironmentVariable(KeyFileUtils.KeyPathProperty, "conf/encrypted-config-value.key");
var builder = WebApplication.CreateBuilder(args).AddEncryptedConfigValueProvider();
EncryptedConfigValue.Cli
A EncryptedConfigValue.Cli
project provides CLI tools for generating keys and encrypting values.
The CLI tool provides following commands:
encrypt-config-value [-v <value>] [-k <keyfile>]
for encrypting values. In the case of non-symmetric algorithms (e.g. RSA) specify the public key. If-v <value>
not provided, program will explicitly ask about value by running interactive mode. On Windows OS it is recommended to providekeyfile
parameter as default path points tovar\conf\encrypted-config-value.key
.generate-random-key -a <algorithm> [-f <keyfile>]
for generating random keys with the specified algorithm. In the case of non-symmetric algorithms (e.g. RSA) the private key will have a .private extension. On Windows OS it is recommended to providekeyfile
parameter as default path points tovar\conf\encrypted-config-value.key
.
Currently supported algorithms:
- AES: (AES/GCM/NoPadding) with random IV
- RSA
Install from NuGet:
dotnet tool install -g EncryptedConfigValue.Net.Cli
To generate keys:
my-application$ encrypted-config-value-dotnet generate-random-key -a AES
Wrote key to var/conf/encrypted-config-value.key
To encrypt value:
my-application$ encrypted-config-value-dotnet encrypt-config-value -v "secret-value"
enc:eyJUeXBlIjoiQUVTIiwiRW5jcnlwdGlvbk1vZGUiOjAsIkl2IjoiUFZkMDJqbkczQ2FCS2t4MyIsIkNpcGhlclRleHQiOiJMSXMraHNuU0dZUXVVWmc9IiwiVGFnIjoiLzRVeVN0ckpnNjRacGJUdGJRTWEzZz09In0=
EncryptedConfigValue.Module
You can use EncryptedConfigValue.Module
to create your own decrypt provider.
Install from NuGet:
Install-Package EncryptedConfigValue.Net.Module
Note
The project has been devised to align with the original functionality. Please refrain from suggesting changes that would alter how it works compared to the original. Any adjustments, additions, or removals should be carefully considered to ensure they align seamlessly with the established framework.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
This package has no dependencies.