SafeCloset keeps your secrets in password protected files. SafeCloset is designed to be convenient and avoid common weaknesses like external editing or temporary files written on disk.

Warning

SafeCloset hasn't been independently audited yet and comes with absolutely no guarantee. And I can do nothing for you if you lose the secrets you stored in SafeCloset.

Overview

A closet is stored in a file that you can backup, keep with you on an USB key, etc.

A closet contains drawers, each one is found and open with its own password.

A drawer contains a list of (key, value). Values are texts in which you can store a code, a password, comments, a poem, some data, etc.

A drawer can also contains deeper crypted drawers.

Features

• The closet contains several drawers, some of them automatically created with an unknown password so that nobody can determine which drawers you're able to open, or even how many
• Each drawer is separately crypted with AES-GCM-SIV, with a random one-use nonce and the password/key of your choice. This gives an inherently long to test decrypt algorithm (but you should still use long passphrases for your drawers)
• You can have one or several drawers with real content. You can be forced to open a drawer at gun point and still keep other drawers secret without any trace, either at the top level or deeper in the drawer you opened
• When you open a drawer, with its password, you can read it, search it, edit it, close it
• In an open drawer you can create new drawers, or open deeper drawers if you know their password
• SafeCloset automatically quits on inactivity
• The size of the drawer's content isn't observable
• No clear file is ever created, edition is done directly in the TUI (external editors are usually the weakest point)
• No clear data is ever given to any external library, widget, etc.
• All data is viewed and edited in the TUI application
• You can compile SafeCloset yourself. Its code is small and auditable
• The code is 100% in Rust. I wouldn't trust anything else today for such a program
• The format of the closet file is described so that another application could be written to decode your closet files in the future (assuming you have the password)
• SafeCloset can't be queryied by other applications, like browsers. This is a feature.
• You may have all your secrets in one file easy to keep with you and backup
• No company can die and lose your secrets: you keep everything, with as many copies as necessary, where you want
• No company can be forced to add some secret stealing code: SafeCloset is small, open-source and repleacable
• Fast and convenient to use - This is where the focus of the design was
• Cross-platform because you don't know where you'll have to use your closet
• "I'm being watched" mode in which unselected values are hidden. This mode is kept per drawer, always activated when you launch SafeCloset with the --hide option, and toggled with ctrlh

Non features

• SafeCloset doesn't protect you against keyloggers
• SafeCloset doesn't protect you from somebody watching your screen while a secret value is displayed (but the rest of the drawer can be kept hidden)

Usage

Those screenshots are small, to fit here, but you may use SafeCloset full screen if you want.

Create your closet file

Run

safecloset some/name.closet

Have a glance at the help

Hit ? to go to the help screen, where you'll find the complete list of commands.

Hit esc to get back to the previous screen.

Create your first drawer

Hit ctrln

If you want, you can create a deeper drawer there, at any time, by hitting ctrln.

Or hit n to create a new entry, starting with its name then hitting tab to go fill its value.

Change the selection with the arrow keys. Go from input to input with the tab key. Or edit the currently selected field with a.

Reorder entries with ctrl🠕 and ctrl🠗.

In SafeCloset, when editing, searching, opening, etc., the enter key validates the operation while the esc key cancels or closes.

You may add newlines in values with ctrlenter:

You may notice the values are rendered as Markdown.

Don't hesitate to store hundreds of secrets in the same drawer as you'll easily find them with the fuzzy search.

Search with the / key:

When in the search input, remove the search with esc, freeze it with enter.

Save

Hit ctrls to save, or ctrlx to save and quit.

Reopen

The same command is used later on to open the closet again:

safecloset some/name.closet

It may be a good idea to define an alias so that you have your secrets easily available. You could for example have this in you .bashrc:

function xx {
	safecloset -o ~/some/name.closet
}

The -o argument makes safecloset immediately prompt for drawer password, so that you don't have to type ctrlo.

On opening, just type the password of the drawer you want to open (all will be tested until the right one opens):

Keyboard actions

• ? : Open the help screen
• ctrln : Create a drawer (in the open drawer, or at root when none is open)
• ctrlo : Open a drawer
• ctrlc : Close the current drawer, without saving (you're back in the upper level one if you close a deep drawer)
• ctrls : Save the current drawer and all upper drawers
• ctrlx : Save then quit
• ctrlq : Quit without saving (with no confirmation)
• / : Start searching the current drawer (do enter or use the down or up arrow key to freeze it)
• / then esc : Remove the current filtering
• esc : Cancel current field edition
• tab : Create a new entry or edit the value if you're already editing an entry's name
• arrow keys : Move selection, selecting either an entry name or a value
• i or insert : Start editing the selected name or value
• d : Remove the selected entry (with confirmation)
• Enter : Validate the current edition
• alt-Enter : New line in the currently edited value

Advices

1. Use the search to navigate among entries. That's the most efficient solution. It's OK to have thousands of secrets in your drawer.
2. You may not need deep drawers. They make you open twice, with two passwords, so don't use them without reason.
3. Don't use drawers as categories. They separate audience or security levels and ensure plausible deniability. You're supposed to have one drawer for most of your secrets. Maybe a second one if you have a very secret level. Or one with your work secrets that you may open with colleagues nearby. Or one for the family that even the kids can read. This shouldn't be more than 3 or 4 drawers at most.
4. Backup your closet files. They're not readable as long as your passphrases can't be guessed so you don't have to hide those files and it's most important to not lose them.
5. Use hard to guess passphrases, but ones that you can remember for a very long time.
6. You may keep the executables of all platforms on your USB keys, so that you can read your secrets everywhere.

Storage format

The closet file is a MessagePack encoded structure Closet with the following fields:

• salt: a string
• drawers: an array of ClosedDrawer

The MessagePack serialization preserves field names and allows future additions.

An instance of ClosedDrawer is a structure with the following fields:

• id: a byte array
• nonce: a byte array
• content: a byte array

The content is the AES-GCM-SIV encryption of the serializied drawer with the included nonce. The key used for this encryption is a 256 bits Argon2 hash of the password with the closet's salt.

The serialized drawer is a MessagePack encoded structure with the following fields:

• id: a byte array
• entries: an array of Entry
• settings: an instance of DrawerSettings
• closet: a deeper closet, containing drawers, etc.
• garbage: a random byte array

Instances of Entry contain the following fields:

• name: a string
• value: a string

Instances of DrawerSettings contain for now just one optional field:

• hide_values: a boolean