Keeper: A Cryptographic Secret Management Tool for Go Applications
By babawere · 1mo ago · 18 min read
Summary
Keeper is a cryptographic secret management tool for Go applications that provides secure storage for sensitive data. It uses Argon2id key derivation and XChaCha20-Poly1305 authenticated encryption to encrypt arbitrary byte payloads at rest, storing them in an embedded bbolt database. The tool was originally designed for the Agbero load balancer but works independently in any Go project. Secrets are partitioned into buckets, and each bucket has an immutable security policy that governs how its Data Encryption Key (DEK) is managed.
Key quotes
Keeper is a cryptographic secret store for Go.
It encrypts arbitrary byte payloads at rest using Argon2id key derivation and XChaCha20-Poly1305 (default) authenticated encryption, and stores them in an embedded bbolt database.
Keeper was designed as the foundational secret management layer for the Agbero load balancer but has no dependency on Agbero and works in any Go project.
Keeper partitions secrets into buckets. Every bucket has an immutable BucketSecurityPolicy that governs how its Data Encryption Key (DEK) is managed.
Simple Secure Keeper for Secrets (agberohq/keeper on GitHub).
