Git::Crypt - Encrypt/decrypt sensitive files saved on public repos
gitcrypt help #show gitcrypt help gitcrypt init #initialize gitcrypt and its config gitcrypt set cipher Blowfish #set a gitcrypt cipher gitcrypt set key "some key" #set a key gitcrypt set salt "some key" #set a salt gitcrypt change key "new key" #change key gitcrypt change salt "a salt" #change salt gitcrypt list #list files gitcrypt status #show status, files gitcrypt add file1-xy lib/file2 #add files in gitcrypt gitcrypt del file1-ab lib/tests #del files in gitcrypt gitcrypt encrypt #set files on encrypted state gitcrypt encrypt file1 file2 #encrypt specific files gitcrypt decrypt #set files on decrypted state gitcrypt decrypt file1 file2 #decrypt specific files gitcrypt precommit #encrypt for precommit hook. Then decrypt
To integrate in git, use git hooks. Use pre-commit to encrypt and add the encrypted file for commit. And post-commit to keep files decrypted.
Auto encrypt every file and set them for commit. The following script will be called upon 'git commit .' command.
$ file=.git/hooks/pre-commit ; cat <<HOOK > $file && chmod +x $file #!/usr/bin/env perl `gitcrypt precommit`; exit 0; HOOK
If used gitcrypt precommit the files will be encrypted during commit and decrypted right after.
This mode works good if only some files are encrypted and others are always decrypted. But all must be encrypted for commit.
Another option, is to encrypt everything with "gitcrypt encrypt". And use a post-commit hook to decrypt everything [optional].
$ file=.git/hooks/pre-commit ; cat <<HOOK > $file && chmod +x $file #!/usr/bin/env perl `gitcrypt encrypt`; exit 0; HOOK
Auto decrypt every file after commit executed. * If precommit hook uses gitcrypt precommit, then this is not necessary because "gitcrypt precommit" will decrypt files automatically.
$ file=.git/hooks/post-commit; cat <<HOOK > $file ; chmod +x $file #!/usr/bin/env perl `gitcrypt decrypt`; exit 0; HOOK
$ f=.git/hooks/githooks.pl ; cat <<HOOKS > $f; chmod +x $f #!/usr/bin/env perl use Git::Hooks; PRE_COMMIT { my ($git) = @_; `gitcrypt precommit`; }; run_hook($0, @ARGV); HOOKS $ cd .git/hooks; ln -s githooks.pl pre-commit
my $gitcrypt = Git::Crypt->new( files => [ { file => 'file1', is_encrypted => 0, }, { file => 'file2', is_encrypted => 0, }, ], cipher => Crypt::CBC->new( -key => 'a very very very veeeeery very long key', -cipher => 'Blowfish', -salt => pack("H16", "very very very very loooong salt") ) ); #gitcrypt->add([qw| file1 file2 |]); #gitcrypt->del([qw| file1 file2 |]); #gitcrypt->list; #gitcrypt->key('some key'); #gitcrypt->salt('some key'); $gitcrypt->crypt; #save files encrypted $gitcrypt->decrypt; #save files decrypted
my $gitcrypt = Git::Crypt->new( files => [ { file => 'file1', is_encrypted => 0, }, { file => 'file2', is_encrypted => 0, }, ], key => 'a very very very veeeeery very long key', cipher_name => 'Blowfish', salt => pack("H16", "very very very very loooong salt") ); #gitcrypt->add([qw| file1 file2 |]); #gitcrypt->del([qw| file1 file2 |]); #gitcrypt->list; #gitcrypt->key('some key'); #gitcrypt->salt('some key'); $gitcrypt->crypt; #save files encrypted $gitcrypt->decrypt; #save files decrypted
Git::Crypt can be used to encrypt files before a git commit. That way its possible to upload encrypted files to public repositories. Git::Crypt encrypts line by line to prevent too many unnecessary diffs between encrypted commits.
Since gitcrypt encrypts line by line, the diff can show wether its a big/small changes in commit.
index b1202fc..6c2f3e6 100644 --- a/lib/App/Crypted/CreditCard.pm +++ b/lib/App/Crypted/CreditCard.pm @@ -14,25 +14,29 @@ U2FsdGVkX19iyl3d3d3d3UjtB1nkCoDP U2FsdGVkX19iyl3d3d3d3T3HmAPM6gbK U2FsdGVkX19iyl3d3d3d3XVxkdxldN7U U2FsdGVkX19iyl3d3d3d3X49YqpLm/iZ+Y1xf1iU/BDvVc5ipe6ZgQ== -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc -U2FsdGVkX19iyl3d3d3d3Ut9C6nKtOzc +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= +U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxgEmpWYlLzsk= U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rx2ego3EqSeUk= U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxsn4D6bxrGww= U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rxsn4D6bxrGww= U2FsdGVkX19iyl3d3d3d3Tz+ZxmSz/rx2ego3EqSeUk= U2FsdGVkX19iyl3d3d3d3T3HmAPM6gbK U2FsdGVkX19iyl3d3d3d3XVxkdxldN7U +U2FsdGVkX19iyl3d3d3d3T0XLptL7y1QEx/u7OaQVy2BZbX3SM7f2w== +U2FsdGVkX19iyl3d3d3d3erugupayFMCneYosuHZNbl3jV0GvJ1HDg== +U2FsdGVkX19iyl3d3d3d3T3HmAPM6gbK +U2FsdGVkX19iyl3d3d3d3XVxkdxldN7U U2FsdGVkX19iyl3d3d3d3X/cRzzeMPXS
Hernan Lopes CPAN ID: HERNAN perldelux hernanlopes@gmail.com
https://github.com/hernan604/Git-Crypt
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
The full text of the license can be found in the LICENSE file included with this module.
perl(1).
To install Git::Crypt, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Git::Crypt
CPAN shell
perl -MCPAN -e shell install Git::Crypt
For more information on module installation, please visit the detailed CPAN module installation guide.