Keyper is a powerful multi-platform Kotlin (Java) based CLI tool designed to simplify crypto key management and deployment with just a few commands. Think of Keyper as the Stripe for crypto keys. Every week, we introduce new features to help make security easier for developers and engineers worldwide.
# create key
keyper key create --backend local --stack gcp
# deploy to cloud kms
keyper deploy apply
# encrypt/decrypt
keyper key list # -> grab key-id
keyper data encrypt --key-id "<key-id>" --backend local -stack gcp --plaintext "<plaintext>" # returns ciphertext
keyper data decrypt --key-id "<key-id>" --backend local -stack gcp --ciphertext "<ciphertext>" # returns plaintext
Encrypting and decrypting data couldn't get easier than this. Jarrid's mission is to make crypto key management and software security as simple as possible for application and data engineers.
Enough talk. Here are the end-to-end demos with Keyper's Docker CLI.
Library is free to use here: https://github.com/jarrid-xyz/keyper
We know this is an early (buggy) release and we'd love to help you set it up. If you have any feedback we'd love to talk to you.
Let's TalkOur plan is to further streamline key management with IAM role support directly integrated with cloud providers. Adding IAM role permission configurations on top of existing key configurations allows platform and governance teams to easily track and control which applications/platforms have specific permissions to encrypt/decrypt with each key.
Currently, Keyper only supports symmetric keys. Sharing symmetric key is typically achieved with asymmetric key encryption. A hybrid approach ensures better performance and efficiency in terms of encryption/decryption while allowing safe sharing of the symmetric key itself. Sounds complicated? Don't worry, we will be wrapping all these exchange in Keyper so that it's as simple as keyper key share <...> for developers to share keys.
We understand that blog posts and READMEs aren't necessarily the easiest to search or provide a full picture of how Keyper CLI and library work. We will be providing more comprehensive documentation as we continue to add functionalities next week.
We are super excited about the progress we've made so far and are eagerly looking for projects to help us further prove out this concept. The library itself is completely free, with the goal of simplifying security for developers and providing a more documented flow. This allows you to easily meet various compliance, regulation, and security requirements at the same time. Of the various crypto key management libraries such as tink and libsodium, we are the ONLY library that allows you to directly leverage any cloud-based KMS (via Terraform) with clear documentation and traceability without added complexity or burden for application and data engineers to understand how crypto keys work under the hood.
Give Keyper a try and ask us any questions. We’d love to help you build secure applications and data pipelines without added complexity.