Package keycrypt implements an API for storing and retrieving opaque blobs of data stored in a secure fashion. Keycrypt multiplexes several backends, both local (e.g., macOS Keychain) and remote (e.g., AWS's KMS and S3).
Get data from a keycrypt URL.
Retrieve the content from a secret and unmarshal it into a value.
Put writes data to a keycrypt URL.
Marshal a value and write it into a secret.
Register associates a Resolver with a scheme.
RegisterFunc associates a Resolver (given by a func) with a scheme.
Interface Keycrypt represents a secure secret storage.
Secret represents a single object. Secret objects are uninterpreted bytes that are stored securely.
Lookup retrieves a secret based on a URL, in the standard form: scheme://host/path. The URL is interpreted according to the Resolver registered with the given scheme. The scheme "local" is a special scheme that attempts known local storage schemes: first "keychain", and then "file".
|file||Package file implements a file-based keycrypt.|
|kms||Package kms implements a Keycrypt using AWS's KMS service and S3.|