🔒 Deeply hide secrets with Kotlin Multiplatform
The Sekret plugin allows any Kotlin developer to deeply hide secrets in your project. This prevents credentials harvesting to a certain level.
The following obfuscation techniques are used:
This plugin is a more flexible and Kotlin Multiplatform compatible version of klaxit/hidden-secrets-gradle-plugin
⚠️ Nothing on the client-side is unbreakable. So generally speaking, keeping a secret in application package is not a smart idea. But when you absolutely need to, this is the best method to hide it.
This plugin can be used with any Kotlin project (single-, or multiplatform).
This project is available through mavenCentral
.
plugins {
id("dev.datlag.sekret") version "1.0.0"
}
You can call the following after applying the plugin in your build.gradle.kts
sekret {
packageName.set("your.package.name")
encryptionKey.set("yourUniqueEncryption") // default is the specified packageName
// more configuration...
}
The plugin will generate a separate module, since it needs to compile for native targets even if you just use Android or JVM for example.
Therefore, you need to include the generated sekret module in your settings.gradle.kts
.
⚠️ Make sure to exclude this module by adding it to your .gitignore
include(":sample", ":sample:sekret")
Create a sekret.properties
file in the project/module where you applied the plugin and simply add key-value pairs.
YOUR_KEY_NAME=yourSuperSecretSecret
OTHER_SECRET=th1s1s4n0th3rS3cr3t
You can change the name and location by changing the sekret configuration:
sekret {
propertiesFile.set(project.layout.projectDirectory.file("my-secrets.properties"))
}
⚠️ Make sure to exclude this file by adding it to your .gitignore
To generate source code for your provided secrets, just call ./gradlew generateSekret
.
You can change the generated build.gradle.kts
depending on your needs, just make sure to apply the required native targets:
androidNativeX
linuxX
, mingwX
and macOsX
, depending on your output platform.If you misconfigured your build script or added new targets to your base module, you can run ./gradlew sample:generateSekretBuildScript
.
Make sure to configure the compose application correctly, take a look at the sample project.
./gradlew createAndCopySekretNativeLibrary
.Sekret
class as is.val binaryLoded = NativeLoader.loadLibrary("sekret", System.getProperty("compose.application.resources.dir")?.let { File(it) })
if (binaryLoded) {
val yourKeyName = Sekret().yourKeyName("your-encryption-key")
val otherSecret = Sekret().otherSecret("your-encryption-key")
}
Sponsoring to this project means sponsoring to all my projects! So the further text is not to be attributed to this project, but to all my apps and libraries.
Supporting this project helps to keep it up-to-date. You can donate if you want or contribute to the project as well. This shows that the library is used by people, and it's worth to maintain.