Skip to content

Cognet-74/MiniSecret

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.github/workflows
.github/workflows
 
 
minisecret.egg-info
minisecret.egg-info
 
 
minisecret
minisecret
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

🔐 MiniSecret

PyPI version License Python

MiniSecret is a minimal, secure secrets manager for Python projects and automation agents.
It uses AES-256-GCM encryption and an environment-based master key to keep your secrets safe, simple, and offline.

📦 Features

  • 🔒 AES-256-GCM authenticated encryption
  • 🔐 Environment-based master key (MINISECRET_KEY)
  • 🧊 Local encrypted file store (secrets.enc.json)
  • ⚙️ Simple Python class + optional CLI tool
  • 🧽 Secure memory auto-wipe for sensitive values
  • 🚫 No cloud dependencies or runtime daemons

🧪 Summary Comparison

Feature MiniSecret python-keyring python-decouple hvac / AWS / GCP
🔐 Encryption ✅ AES-256-GCM ✅ OS-backed ❌ None ✅ Enterprise
📁 File-based
💻 Works offline ⚠️ Limited
🧠 Simple to use
🛡️ Secrets in memory only ✅ Optional

⚙️ Installation

Install directly from PyPI:

pip install minisecret

🔑 Setup: Master Key

✅ Step 1: Generate a Strong Key

python -c "import os, base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())"

✅ Step 2: Set the MINISECRET_KEY Environment Variable

🔹 Linux/macOS (temporary)

export MINISECRET_KEY="your-generated-key"

To persist: add to ~/.bashrc, ~/.zshrc, or .profile.

🔹 Windows PowerShell (temporary)

$env:MINISECRET_KEY = "your-generated-key"

🔹 Windows GUI (persistent)

  1. Search for "Environment Variables"
  2. Add a new User variable
    • Name: MINISECRET_KEY
    • Value: your-generated-key

🧪 Example: Store and Use Secrets

You want to store the following secret:

MySecretPassword

✅ CLI: Store the Secret

minisecret put my_password MySecretPassword

✅ CLI: Retrieve the Secret

minisecret get my_password

Secure retrieval (auto-wiped from memory):

minisecret get my_password --secure

List all stored keys:

minisecret list

✅ Python: Use the Stored Secret

from minisecret import MiniSecret
import pyautogui
import time

secrets = MiniSecret()

# Secure version (wiped from memory immediately)
password = secrets.secure_get("my_password")

# Type the password into a GUI window
time.sleep(2)
pyautogui.write(password, interval=0.1)

🔐 Security Notes

  • Secrets are encrypted with AES-256-GCM and stored in secrets.enc.json
  • Secrets are decrypted only in memory when accessed
  • Use secure_get() or --secure to clear secrets from memory after use
  • Do not commit secrets.enc.json or your MINISECRET_KEY to version control

✅ CLI Summary

minisecret put <key> <value>
minisecret get <key> [--secure]
minisecret list

📚 License

MIT

💡 Ideas for the Future

  • ⏳ Auto-expiring secrets
  • 📦 Project-based secret stores
  • 🔐 Password-prompt fallback for the master key
  • 🧽 Clipboard auto-clear support

Developed with ❤️ by @Cognet-74

About

Minimal AES-256-GCM-based secrets manager for Python

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

5 tags

Packages

 
 
 

Contributors

Languages