envcrypt 0.1.0

Encrypt environment variables at compile-time and decrypt them at runtime.
Documentation

envcrypt

Drop-in replacement for env! that encrypts your variables at compile-time and decrypts them at runtime, preventing naughty folks from snooping your binary for secrets or credentials.

Usage

use envcrypt::envcrypt;

fn main() {
  let my_super_secret_key = envcrypt!("SECRET_KEY");
  // do stuff with your secret key
}

With dotenv:

.env:

CLIENT_SECRET="my_client_secret"
SOME_TOKEN="some_token"

build.rs:

fn main() {
  println!("cargo:rerun-if-changed=.env");

  for (key, value) in dotenv::vars() {
    println!("cargo:rustc-env=${key}=${value}");
  }
}

main.rs:

use envcrypt::envcrypt;

fn main() {
  let client_secret = envcrypt!("CLIENT_SECRET");
}

Details

Encryption is powered by MagicCrypt using AES-256 encryption.