ObfusKit is a ruby script that generates obfuscated secrets for Swift and Kotlin.
Install the latest version of the gem using:
gem install obfuskit
Call obfuskit -h for help.
Usage: obfuskit [options]
Specific options:
-l, --language [LANGUAGE] Output language (swift, kotlin). Kotlin requires a package parameter.
-k SECRET_1,SECRET_2,SECRET_3, List of environment variable keys
--keys
-p, --package [PACKAGE] Package name for Kotlin
-t, --type [TYPE] Output type name. Defaults to `ObfusKit`
-e, --env [PATH] Path to an alternative .env file
Common options:
-h, --help Show this message
-v, --version Show version
To generate Swift code, run the following command:
obfuskit -l swift -k SECRET_1,SECRET_2 > generated.swift
It will create the file generated.swift containing an obfuscated version of the environment variables SECRET_1 and SECRET_2.
This file should be excluded from the git repository and generated at build time.
The obfuscation salt is regenerated for each run.
import Foundation
enum ObfusKit {
static let SECRET_1: String = _o.r([30, 113, 37, 119, 32, 37, 36])
static let SECRET_2: String = _o.r([24, 117, 35, 119, 38, 33, 34])
private class _3f3eccd2e5ea46b39738e5502bda6bef { }
private static let _o = O(String(describing: _3f3eccd2e5ea46b39738e5502bda6bef.self))
}
// ...
The same concept applies to the Kotlin language using:
obfuskit -l kotlin -p com.myapp.configuration.environment -k SECRET_1,SECRET_2 > generated.kt
It will create the Kotlin version generated.kt.
package com.myapp.configuration.environment
object ObfusKit {
private val _o = O(_6572131328ef462d9d4a05cf4b2a2516::class.java.simpleName)
private class _6572131328ef462d9d4a05cf4b2a2516
val SECRET_1: String = _o.r(byteArrayOf(30, 116, 118, 115, 119, 119, 116))
val SECRET_2: String = _o.r(byteArrayOf(24, 112, 112, 115, 113, 115, 114))
}
// ...
Proguard/R8 changes class names and method names. This will break revealing secrets at run time.
To prevent this, add the according rules to your proguard-rules.pro file or use the --keep-annotation parameter to inject a custom annotation like @androidx.annotation.Keep into the generated code.
For example:
obfuskit -l kotlin -p com.myapp.configuration.environment -k SECRET_1,SECRET_2 --keep-annotation @androidx.annotation.Keep > generated.kt
Use the -e option to define the path to a different .env file, e.g., if you want to reuse the fastlane/.env file.
obfuskit -l swift -k SECRET_3,SECRET_4 -e fastlane/.env > generated.swift
FAQs
Unknown package
We found that obfuskit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.