Skip to content

A secreter interface to hash in database or use the transit engine of Vault

License

Notifications You must be signed in to change notification settings

spirosoik/go-secreter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

PkgGoDev report card

Secreter

A secreter interface to provide encryption in transit.

Supports

  • Local (simple encryption)
  • Vault transit engine

In Progress:

  • AWS KMS
  • Azure Key Vault

note: for Local must be a base64-encoded key, of length 32 bytes when decoded

Example

make run-example

Encrypt and decrypt sensitive info example:

// Secreter initialise
secreter, err := encrypt.New(context.Background(), encrypt.Config{
  SecretType: encrypt.LocalSecret,
  SecretKey:  "fyktabT5I8fFK-mkSbbxIsfsbcnP-4QFa5awWmyuGqs=",
})

// Encrypt
secret, err := secreter.Encrypt(encrypt.Options{
  Plaintext: "sensitive",
})

// Decrypt
plaintext, err := secreter.Decrypt(encrypt.Options{
  CipherText: secret,
})

Check the full example here

If you want to generate keys for encryption you can use the following binaries here