go/secret

Files

maze d5c9b425c7 Added README

2025-09-05 12:19:03 +02:00

1.7 KiB

Raw Blame History

secret

Package secret provides a simple interface for fetching secrets from a secrets provider.

The basic interface is:

type Provider interface {
	GetSecret(key string) (value []byte, err error)
}

Providers

This package is targeting the following secrets providers:

Environment variables
Environment variables files
AWS Key Management Service (KMS)
AWS Session Manager Parameter Store
Azure Key Vault
GCP Secret Manager
Hashicorp Vault
Keyring: Linux
Keyring: macOS Keychain Access
Keyring: Windows SecretStore

Decryption

The secret provider may return encrypted values, which can be transparently descrypted by this package.

Supported decryption methods:

AES-GCM (AES-128-GCM, AES-256-GCM) Authenticated Encryption with Associated Data
RSA-OAEP Optimal Asymmetric Encryption Padding (RFC8017)
RSA-PKCS#1 version 1.5 (RFC2313)
ChaCha20-Poly1305 and XChaCha20-Poly1305 Authenticated Encryption with Associated Data (RFC8439)
NaCL Secretbox Secret-key authenticated encryption