A completely randomized order of secrets; built with security in mind. Secrets can be automatically generated on a time interval or manually generated. Polysecrets keeps the guessing away from the human in exchange for a truly secret, randomized signing order. Instead of a hardcoded secret that can be stolen during a security breach, Polysecrets, randomizes the provided string in a way that a secret produced at 8:00pm can be completely different from a secret produced at 8:01pm, on the same server.
- Python 3.5+
- Windows, OSX or Linux
git clone https://github.com/ableinc/polysecrets.git cd polysecrets python3.6 -m pip install --upgrade . or pip3.6 install --upgrade .
python3.6 -m pip install --upgrade polysecrets or pip3.6 install --upgrade polysecrets
How To Use
Polysecrets can be used manually or automated. Automated use can be provided a time (in seconds) for
how often a new secret should be generated, the default time is set to 30 seconds.
** Run test.py to see a working example **
Automated (this will add the secret to your environment)
from os import environ from polysecrets import PolySecrets PolySecrets('rAnd0m_s3cr3t', 15).automated() # default time is set to 30 seconds print(environ['secret']) # confirm secret is available
from polysecrets import PolySecrets secret = PolySecrets('rAnd0m_s3cr3t').manual() print(secret) # confirm secret is available
Refer to examples folder for all use cases.
You can do the following with Polysecrets:
- Manually or Automatically generate new secrets
- Change time interval for new secret generation (for Automated feature)
- Change the length of the final Polysecrets secret (refer to Notes at end of README)
- Choose whether to generate secrets with just UUIDs, Alphanumeric characters or both
- Choose whether to change the case of various characters in Polysecrets secret
The CLI (below) has full details of each option (except automated option)
You can use Polysecrets as a command line tool. CLI does not provided automated feature.
polysecrets -s rAnd0m_s3cr3t
Usage: polysecrets [OPTIONS] Options: -s, --secret TEXT The secret string [required] -l, --length INTEGER Length of the secret. Secret has a minimum length of 10 -u, --uuid INTEGER Whether to use UUIDs or Alphanumeric characters for secret generation -m, --mixcase BOOLEAN Decide whether or not to mix the case of alphacharacters in secret string --version Show the version and exit. --help Show this message and exit.
- JSON Web Tokens
- Certificate Signing
- Various scenarios of Cryptography
(refer to Changelog)
- Add persistence. This will monitor the generated secrets and make sure the newly generated secret has not be used previously. Possibly, only within a 24 hour period.
- NodeJS version of Polysecrets
-- Completed June 4th, 2019 --
- Randomized upper and lower case alpha characters in secret string - Done.
- Custom secret string length - Done.
- Choice of just UUIDs, alphanumeric characters or both in secret generation - Done.
v0.1.1 - June 4th, 2019
- Custom secret string length, with a minimum of 10 characters
- You may mix the secret, in combination with the provided secret string, with UUIDs, alphanumeric characters or both.
- You can now select between upper and lower case mixing during secret generation
v0.1.0 - June 3rd, 2019
- Manually and autogenerated secrets, with fixed secret length
- Polysecrets CLI added
- If you change the length of the secret via the 'length' parameter, you will notice that the secret string you provided will not contain all the characters provided. If you want the final secret to contain all the exact same characters, then provide the exact string length to Polysecrets 'length' field.