keystore: Managing stores of secret things

[ bsd3, cryptography, library, program ] [ Propose Tags ]

Writing deployment scripts is a critical yet error-prone activity which we would rather do in Haskell. One of the most difficult aspect of deployment scripts is the management of credentials: they cannot be stored in the VCS like almost everything else, but need to be organised and accessed while under lock and key. This is the problem that keystore is trying to solve: flexible, secure and well-typed deployment scripts.

All Haskell

This package is written purely in Haskell and all of the cryptographic packages it relies upon are written in Haskell.

JSON Format

It stores everything in a JSON format that has proven to be stable. We can can use migrations in future should the store need to be reorganized.

Simple and Flexible Underlying Model

The Layers

The keystore package has several layers. Most users will probably need only the top "batteries-included" layer:

Launch Instructions

See the bottom README on GitHub home page for launch instructions for the deploy example.

Versions [faq],,,,,,,,,,,,,,,,,,,,,,,,,
Change log changelog
Dependencies aeson (>=1), aeson-pretty (>=0.7), ansi-wl-pprint (>=, api-tools (>=0.4), asn1-encoding (>=0.8.0), asn1-types (>=0.2.0), base (>4 && <5), base64-bytestring (>=1.0), byteable (>=0.1), bytestring (>=0.9), cipher-aes (>=0.2.6), containers (>=0.4), crypto-pubkey (>=0.2.1), crypto-random (>=0.0.7), directory (>=1.2), filepath (>=1.3), keystore, lens (>=3.9.2), mtl (>=2), old-locale (>=, optparse-applicative (>=0.11.0 && <0.14), pbkdf (>=, process (>=, raw-strings-qq (>=1.0.2), regex-compat-tdfa (>=0.95.1), safe (>=0.3.3), setenv (>=0.1), text (>=0.11.3), time (>=1.4), unordered-containers (>=, vector (>= [details]
License BSD-3-Clause
Copyright Chris Dornan
Author Chris Dornan
Revised Revision 1 made by HerbertValerioRiedel at Sun Mar 17 22:36:35 UTC 2019
Category Cryptography
Home page
Source repo head: git clone
Uploaded by ChrisDornan at Mon Aug 21 10:21:13 UTC 2017
Distributions NixOS:
Executables deploy, ks
Downloads 9725 total (486 in the last 30 days)
Rating (no votes yet) [estimated by rule of succession]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs not available [build log]
All reported builds failed as of 2017-08-21 [all 3 reports]


  • Data
    • Data.KeyStore
      • Data.KeyStore.CLI
        • Data.KeyStore.CLI.Command
      • Data.KeyStore.IO
        • Data.KeyStore.IO.IC
      • Data.KeyStore.KS
        • Data.KeyStore.KS.CPRNG
        • Data.KeyStore.KS.Configuration
        • Data.KeyStore.KS.Crypto
        • Data.KeyStore.KS.KS
        • Data.KeyStore.KS.Opt
        • Data.KeyStore.KS.Packet
      • Data.KeyStore.PasswordManager
      • Data.KeyStore.Sections
      • Data.KeyStore.Types
        • Data.KeyStore.Types.E
        • Data.KeyStore.Types.NameAndSafeguard
        • Data.KeyStore.Types.PasswordStoreModel
        • Data.KeyStore.Types.PasswordStoreSchema
        • Data.KeyStore.Types.Schema
      • Data.KeyStore.Version



Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info


Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

For package maintainers and hackage trustees