Secreter

A secreter interface to provide encryption in transit.

Supports

• Local (simple encryption)
• Vault transit engine

In Progress:

• AWS KMS
• Azure Key Vault

note: for Local must be a base64-encoded key, of length 32 bytes when decoded

Example

make run-example

Encrypt and decrypt sensitive info example:

// Secreter initialise
secreter, err := encrypt.New(context.Background(), encrypt.Config{
  SecretType: encrypt.LocalSecret,
  SecretKey:  "fyktabT5I8fFK-mkSbbxIsfsbcnP-4QFa5awWmyuGqs=",
})

// Encrypt
secret, err := secreter.Encrypt(encrypt.Options{
  Plaintext: "sensitive",
})

// Decrypt
plaintext, err := secreter.Decrypt(encrypt.Options{
  CipherText: secret,
})

Check the full example here

If you want to generate keys for encryption you can use the following binaries here