From b39a3ef1ac8b6fb22852def7a2f1294b327990ca Mon Sep 17 00:00:00 2001
From: Armin Friedl <dev@friedl.net>
Date: Sat, 23 Nov 2019 22:42:07 +0100
Subject: [PATCH] First version

- secsrv handling out secrets
- secsrv-companion helping in generating input
- secsrv-client retrieving secrets

Signed-off-by: Armin Friedl <dev@friedl.net>
---
 .gitignore                   |   4 +
 Cargo.lock                   | 684 +++++++++++++++++++++++++++++++++++
 Cargo.toml                   |   7 +
 README.md                    |  10 +
 secsrv-client/Cargo.toml     |  17 +
 secsrv-client/src/main.rs    |  66 ++++
 secsrv-companion/Cargo.toml  |  17 +
 secsrv-companion/src/main.rs |  61 ++++
 secsrv/Cargo.toml            |  18 +
 secsrv/src/comm.rs           |  61 ++++
 secsrv/src/keymgmt.rs        |  50 +++
 secsrv/src/keyring.rs        |  33 ++
 secsrv/src/main.rs           |  77 ++++
 secsrv/src/secrets.rs        |  20 +
 14 files changed, 1125 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 Cargo.lock
 create mode 100644 Cargo.toml
 create mode 100644 README.md
 create mode 100644 secsrv-client/Cargo.toml
 create mode 100644 secsrv-client/src/main.rs
 create mode 100644 secsrv-companion/Cargo.toml
 create mode 100644 secsrv-companion/src/main.rs
 create mode 100644 secsrv/Cargo.toml
 create mode 100644 secsrv/src/comm.rs
 create mode 100644 secsrv/src/keymgmt.rs
 create mode 100644 secsrv/src/keyring.rs
 create mode 100644 secsrv/src/main.rs
 create mode 100644 secsrv/src/secrets.rs

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..70bff37
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/target
+**/*.rs.bk
+*.cbor
+secreq.yaml
\ No newline at end of file
diff --git a/Cargo.lock b/Cargo.lock
new file mode 100644
index 0000000..fc5d693
--- /dev/null
+++ b/Cargo.lock
@@ -0,0 +1,684 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+[[package]]
+name = "adler32"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "aho-corasick"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "memchr 2.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "ansi_term"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "atty"
+version = "0.2.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "bitflags"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "byteorder"
+version = "1.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "cc"
+version = "1.0.47"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "cfg-if"
+version = "0.1.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "clap"
+version = "2.33.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "strsim 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "textwrap 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "unicode-width 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "crc32fast"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "dtoa"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "env_logger"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)",
+ "humantime 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "termcolor 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "filetime"
+version = "0.2.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "futures"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "futures-channel 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-executor 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-io 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-sink 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-task 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-util 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "futures-channel"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "futures-core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-sink 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "futures-core"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "futures-executor"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "futures-core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-task 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-util 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "num_cpus 1.11.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "futures-io"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "futures-macro"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro-hack 0.5.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "futures-sink"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "futures-task"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "futures-util"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "futures-channel 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-io 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-macro 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-sink 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-task 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "memchr 2.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "pin-utils 0.1.0-alpha.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proc-macro-hack 0.5.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proc-macro-nested 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "half"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "heck"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "unicode-segmentation 1.6.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "hermit-abi"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "humantime"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "lazy_static"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "libc"
+version = "0.2.65"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "libflate"
+version = "0.1.27"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "adler32 1.0.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "crc32fast 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "take_mut 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "libsodium-sys"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cc 1.0.47 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libflate 0.1.27 (registry+https://github.com/rust-lang/crates.io-index)",
+ "pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tar 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)",
+ "vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "linked-hash-map"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "log"
+version = "0.4.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "memchr"
+version = "2.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "num_cpus"
+version = "1.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "hermit-abi 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "pin-utils"
+version = "0.1.0-alpha.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "pkg-config"
+version = "0.3.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "proc-macro-error"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "proc-macro-hack"
+version = "0.5.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "proc-macro-nested"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "proc-macro2"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "quick-error"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "quote"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "redox_syscall"
+version = "0.1.56"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "regex"
+version = "1.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "aho-corasick 0.7.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "memchr 2.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)",
+ "thread_local 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "regex-syntax"
+version = "0.6.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "rle-decode-fast"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "secsrv"
+version = "0.1.0"
+dependencies = [
+ "env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "sodiumoxide 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "structopt 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "toml 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "secsrv-client"
+version = "0.1.0"
+dependencies = [
+ "env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_yaml 0.8.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "structopt 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "secsrv-util"
+version = "0.1.0"
+dependencies = [
+ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_yaml 0.8.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "sodiumoxide 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "serde"
+version = "1.0.102"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "serde_derive 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "serde_cbor"
+version = "0.10.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "half 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.102"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "serde_yaml"
+version = "0.8.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "dtoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "linked-hash-map 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+ "yaml-rust 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "slab"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "sodiumoxide"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libsodium-sys 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "strsim"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "structopt"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "structopt-derive 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "structopt-derive"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "heck 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proc-macro-error 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "syn"
+version = "1.0.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "take_mut"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "tar"
+version = "0.4.26"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "filetime 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
+ "xattr 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "termcolor"
+version = "1.0.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "wincolor 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "textwrap"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "unicode-width 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "thread_local"
+version = "0.3.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "toml"
+version = "0.5.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "unicode-segmentation"
+version = "1.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "unicode-width"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "unicode-xid"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "vcpkg"
+version = "0.2.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "vec_map"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi-util"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "wincolor"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi-util 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "xattr"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "yaml-rust"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "linked-hash-map 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[metadata]
+"checksum adler32 1.0.4 (registry+https://github.com/rust-lang/crates.io-index)" = "5d2e7343e7fc9de883d1b0341e0b13970f764c14101234857d2ddafa1cb1cac2"
+"checksum aho-corasick 0.7.6 (registry+https://github.com/rust-lang/crates.io-index)" = "58fb5e95d83b38284460a5fda7d6470aa0b8844d283a0b614b8535e880800d2d"
+"checksum ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
+"checksum atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)" = "1803c647a3ec87095e7ae7acfca019e98de5ec9a7d01343f611cf3152ed71a90"
+"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
+"checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
+"checksum cc 1.0.47 (registry+https://github.com/rust-lang/crates.io-index)" = "aa87058dce70a3ff5621797f1506cb837edd02ac4c0ae642b4542dce802908b8"
+"checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"
+"checksum clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9"
+"checksum crc32fast 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ba125de2af0df55319f41944744ad91c71113bf74a4646efff39afe1f6842db1"
+"checksum dtoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "ea57b42383d091c85abcc2706240b94ab2a8fa1fc81c10ff23c4de06e2a90b5e"
+"checksum env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36"
+"checksum filetime 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "1ff6d4dab0aa0c8e6346d46052e93b13a16cf847b54ed357087c35011048cc7d"
+"checksum futures 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b6f16056ecbb57525ff698bb955162d0cd03bee84e6241c27ff75c08d8ca5987"
+"checksum futures-channel 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "fcae98ca17d102fd8a3603727b9259fcf7fa4239b603d2142926189bc8999b86"
+"checksum futures-core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "79564c427afefab1dfb3298535b21eda083ef7935b4f0ecbfcb121f0aec10866"
+"checksum futures-executor 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1e274736563f686a837a0568b478bdabfeaec2dca794b5649b04e2fe1627c231"
+"checksum futures-io 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e676577d229e70952ab25f3945795ba5b16d63ca794ca9d2c860e5595d20b5ff"
+"checksum futures-macro 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "52e7c56c15537adb4f76d0b7a76ad131cb4d2f4f32d3b0bcabcbe1c7c5e87764"
+"checksum futures-sink 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "171be33efae63c2d59e6dbba34186fe0d6394fb378069a76dfd80fdcffd43c16"
+"checksum futures-task 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "0bae52d6b29cf440e298856fec3965ee6fa71b06aa7495178615953fd669e5f9"
+"checksum futures-util 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c0d66274fb76985d3c62c886d1da7ac4c0903a8c9f754e8fe0f35a6a6cc39e76"
+"checksum half 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9ff54597ea139063f4225f1ec47011b03c9de4a486957ff3fc506881dac951d0"
+"checksum heck 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "20564e78d53d2bb135c343b3f47714a56af2061f1c928fdb541dc7b9fdd94205"
+"checksum hermit-abi 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "307c3c9f937f38e3534b1d6447ecf090cafcc9744e4a6360e8b037b2cf5af120"
+"checksum humantime 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
+"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+"checksum libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)" = "1a31a0627fdf1f6a39ec0dd577e101440b7db22672c0901fe00a9a6fbb5c24e8"
+"checksum libflate 0.1.27 (registry+https://github.com/rust-lang/crates.io-index)" = "d9135df43b1f5d0e333385cb6e7897ecd1a43d7d11b91ac003f4d2c2d2401fdd"
+"checksum libsodium-sys 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "1c344ff12b90ef8fa1f0fffacd348c1fd041db331841fec9eab23fdb991f5e73"
+"checksum linked-hash-map 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "ae91b68aebc4ddb91978b11a1b02ddd8602a05ec19002801c5666000e05e0f83"
+"checksum log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)" = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7"
+"checksum memchr 2.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "88579771288728879b57485cc7d6b07d648c9f0141eb955f8ab7f9d45394468e"
+"checksum num_cpus 1.11.1 (registry+https://github.com/rust-lang/crates.io-index)" = "76dac5ed2a876980778b8b85f75a71b6cbf0db0b1232ee12f826bccb00d09d72"
+"checksum pin-utils 0.1.0-alpha.4 (registry+https://github.com/rust-lang/crates.io-index)" = "5894c618ce612a3fa23881b152b608bafb8c56cfc22f434a3ba3120b40f7b587"
+"checksum pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)" = "05da548ad6865900e60eaba7f589cc0783590a92e940c26953ff81ddbab2d677"
+"checksum proc-macro-error 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "aeccfe4d5d8ea175d5f0e4a2ad0637e0f4121d63bd99d356fb1f39ab2e7c6097"
+"checksum proc-macro-hack 0.5.11 (registry+https://github.com/rust-lang/crates.io-index)" = "ecd45702f76d6d3c75a80564378ae228a85f0b59d2f3ed43c91b4a69eb2ebfc5"
+"checksum proc-macro-nested 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "369a6ed065f249a159e06c45752c780bda2fb53c995718f9e484d08daa9eb42e"
+"checksum proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "9c9e470a8dc4aeae2dee2f335e8f533e2d4b347e1434e5671afc49b054592f27"
+"checksum quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9274b940887ce9addde99c4eee6b5c44cc494b182b97e73dc8ffdcb3397fd3f0"
+"checksum quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "053a8c8bcc71fcce321828dc897a98ab9760bef03a4fc36693c231e5b3216cfe"
+"checksum redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)" = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84"
+"checksum regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dc220bd33bdce8f093101afe22a037b8eb0e5af33592e6a9caafff0d4cb81cbd"
+"checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716"
+"checksum rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cabe4fa914dec5870285fa7f71f602645da47c486e68486d2b4ceb4a343e90ac"
+"checksum serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "0c4b39bd9b0b087684013a792c59e3e07a46a01d2322518d8a1104641a0b1be0"
+"checksum serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f7081ed758ec726a6ed8ee7e92f5d3f6e6f8c3901b1f972e3a4a2f2599fad14f"
+"checksum serde_derive 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "ca13fc1a832f793322228923fbb3aba9f3f44444898f835d31ad1b74fa0a2bf8"
+"checksum serde_yaml 0.8.11 (registry+https://github.com/rust-lang/crates.io-index)" = "691b17f19fc1ec9d94ec0b5864859290dff279dbd7b03f017afda54eb36c3c35"
+"checksum slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8"
+"checksum sodiumoxide 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "585232e78a4fc18133eef9946d3080befdf68b906c51b621531c37e91787fa2b"
+"checksum strsim 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
+"checksum structopt 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "c167b61c7d4c126927f5346a4327ce20abf8a186b8041bbeb1ce49e5db49587b"
+"checksum structopt-derive 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "519621841414165d2ad0d4c92be8f41844203f2b67e245f9345a5a12d40c69d7"
+"checksum syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)" = "661641ea2aa15845cddeb97dad000d22070bb5c1fb456b96c1cba883ec691e92"
+"checksum take_mut 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60"
+"checksum tar 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)" = "b3196bfbffbba3e57481b6ea32249fbaf590396a52505a2615adbb79d9d826d3"
+"checksum termcolor 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)" = "96d6098003bde162e4277c70665bd87c326f5a0c3f3fbfb285787fa482d54e6e"
+"checksum textwrap 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060"
+"checksum thread_local 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)" = "c6b53e329000edc2b34dbe8545fd20e55a333362d0a321909685a19bd28c3f1b"
+"checksum toml 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)" = "01d1404644c8b12b16bfcffa4322403a91a451584daaaa7c28d3152e6cbc98cf"
+"checksum unicode-segmentation 1.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0"
+"checksum unicode-width 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "7007dbd421b92cc6e28410fe7362e2e0a2503394908f417b68ec8d1c364c4e20"
+"checksum unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c"
+"checksum vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "33dd455d0f96e90a75803cfeb7f948768c08d70a6de9a8d2362461935698bf95"
+"checksum vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "05c78687fb1a80548ae3250346c3db86a80a7cdd77bda190189f2d0a0987c81a"
+"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
+"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+"checksum winapi-util 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7168bab6e1daee33b4557efd0e95d5ca70a03706d39fa5f3fe7a236f584b03c9"
+"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+"checksum wincolor 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "96f5016b18804d24db43cebf3c77269e7569b8954a8464501c216cc5e070eaa9"
+"checksum xattr 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "244c3741f4240ef46274860397c7c74e50eb23624996930e484c16679633a54c"
+"checksum yaml-rust 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)" = "65923dd1784f44da1d2c3dbbc5e822045628c590ba72123e1c73d3c230c4434d"
diff --git a/Cargo.toml b/Cargo.toml
new file mode 100644
index 0000000..2a9491a
--- /dev/null
+++ b/Cargo.toml
@@ -0,0 +1,7 @@
+[workspace]
+
+members = [
+        "secsrv",
+        "secsrv-companion",
+        "secsrv-client"
+]
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6928633
--- /dev/null
+++ b/README.md
@@ -0,0 +1,10 @@
+# SecServ
+The simple secret service
+
+# Protocol
+Alice (secret service): keypair (apk, ask)
+Bob (client): keypair (bpk, bsk)
+
+KEY {id: string, keyid: string, nonce: b64, tag: signature}
+// alice checks access rights of id for keyid
+EKY {nonce1:b64, enc(key, nonce:64, bpk), tag: signature}
diff --git a/secsrv-client/Cargo.toml b/secsrv-client/Cargo.toml
new file mode 100644
index 0000000..81ad9d6
--- /dev/null
+++ b/secsrv-client/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "secsrv-client"
+version = "0.1.0"
+authors = ["Armin Friedl <dev@friedl.net>"]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+# Base tools
+log = "0.4"
+env_logger="0.7"
+structopt = "0.3"
+# Communication
+serde = { version = "1.0", features = ["derive"]}
+serde_yaml = "0.8"
+serde_cbor = "0.10.2"
\ No newline at end of file
diff --git a/secsrv-client/src/main.rs b/secsrv-client/src/main.rs
new file mode 100644
index 0000000..537cdb5
--- /dev/null
+++ b/secsrv-client/src/main.rs
@@ -0,0 +1,66 @@
+#[allow(unused_imports)]
+use log::{debug, error, info, trace, warn};
+
+use env_logger;
+use structopt::StructOpt;
+use std::fs::File;
+use std::error::Error;
+use std::net::TcpStream;
+use std::net::SocketAddr;
+use std::io::Read;
+use std::net::IpAddr;
+use std::path::PathBuf;
+use std::io::BufRead;
+use std::io::BufReader;
+use std::io::Write;
+
+#[derive(StructOpt, Debug)]
+struct Args {
+    /// Path to the keys file
+    #[structopt(short, long, parse(from_os_str), env = "SECSRV_SECRETS", hide_env_values = true)]
+    secrets: PathBuf,
+
+    /// The port secsrv is listening on
+    #[structopt(short, long, env = "SECSRV_PORT", default_value = "9187")]
+    port: u16,
+
+    /// The address secsrv binds to
+    #[structopt(short, long, env = "SECSRV_IP", default_value = "127.0.0.1")]
+    ip: IpAddr
+}
+
+type Secrets = Vec<String>;
+
+fn main() -> Result<(), Box<dyn Error>>{
+    env_logger::init();
+    let args = Args::from_args();
+
+    info!{"Parsing sec requests"}
+
+    let secrets = parse_from_path(&args.secrets)?;
+
+    info!{"Connecting"}
+    let mut channel: TcpStream = TcpStream::connect(SocketAddr::from((args.ip, args.port)))?;
+
+    info!{"Reading secrets"}
+
+    for s in secrets {
+        let buf = serde_cbor::to_vec(&s)?;
+        channel.write_all(&buf.len().to_be_bytes())?;
+        channel.write_all(&buf)?;
+        info!{"Wrote secret {} as {:?}", s, buf}
+
+        let mut resp = String::new();
+        let mut reader = BufReader::new(&channel);
+        reader.read_line(&mut resp);
+        println!{"Resp: {:?}", resp};
+    }
+
+    Ok(())
+}
+
+pub fn parse_from_path(path: &PathBuf) -> Result<Secrets, Box<dyn Error>> {
+    let sec_file = File::open(path)?;
+
+    Ok(serde_yaml::from_reader::<_,Secrets>(sec_file)?)
+}
diff --git a/secsrv-companion/Cargo.toml b/secsrv-companion/Cargo.toml
new file mode 100644
index 0000000..bcdd6b4
--- /dev/null
+++ b/secsrv-companion/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "secsrv-util"
+version = "0.1.0"
+authors = ["Armin Friedl <dev@friedl.net>"]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+# Base tools
+log = "0.4"
+# Key management/Cryptography 
+sodiumoxide = "0.2.5"
+# Communication
+serde = { version = "1.0", features = ["derive"]}
+serde_cbor = "0.10.2"
+serde_yaml = "0.8"
diff --git a/secsrv-companion/src/main.rs b/secsrv-companion/src/main.rs
new file mode 100644
index 0000000..b94d4a7
--- /dev/null
+++ b/secsrv-companion/src/main.rs
@@ -0,0 +1,61 @@
+use std::error::Error;
+use std::fs::File;
+use sodiumoxide::crypto::box_;
+use serde::{Serialize, Deserialize};
+use std::collections::HashMap;
+use std::io::Write;
+
+#[derive(Debug,Serialize,Deserialize)]
+pub enum Key {
+    MasterKey {
+        id: String,
+        public_key: box_::PublicKey,
+        secret_key: box_::SecretKey
+    },
+
+    ClientKey {
+        id: String,
+        public_key: box_::PublicKey
+    }
+}
+
+pub type Secrets = HashMap<String, String>;
+pub type Secs = Vec<String>;
+
+fn main() -> Result<(), Box<dyn Error>> {
+    let keypair =  box_::gen_keypair();
+    let masterkey: Key = Key::MasterKey {
+        id: "master".to_owned(),
+        public_key: keypair.0,
+        secret_key: keypair.1
+    };
+
+    let f = File::create("./masterkey.cbor")?;
+    serde_cbor::to_writer(f, &masterkey)?;
+
+    let secrets: Secrets = [
+        ("ABC".to_owned(), "DEF".to_owned()),
+        ("XYZ".to_owned(), "ABC".to_owned()),
+    ].iter().cloned().collect();
+
+    let f = File::create("./secrets.cbor")?;
+    serde_cbor::to_writer(f, &secrets)?;
+
+    let secreta = "ABC".to_owned();
+    let mut f = File::create("./keyreq_a.cbor")?;
+    let buf = serde_cbor::to_vec(&secreta)?;
+    f.write(&buf.len().to_be_bytes())?;
+    f.write(&buf)?;
+
+    let secretb = "XYZ".to_owned();
+    let mut f = File::create("./keyreq_b.cbor")?;
+    let buf = serde_cbor::to_vec(&secretb)?;
+    f.write(&buf.len().to_be_bytes())?;
+    f.write(&buf)?;
+
+    let secs = vec!{"ABC", "XYZ"};
+    let f = File::create("./secreq.yaml")?;
+    serde_yaml::to_writer(f, &secs)?;
+
+    Ok(())
+}
diff --git a/secsrv/Cargo.toml b/secsrv/Cargo.toml
new file mode 100644
index 0000000..ac358b0
--- /dev/null
+++ b/secsrv/Cargo.toml
@@ -0,0 +1,18 @@
+[package]
+name = "secsrv"
+version = "0.1.0"
+authors = ["Armin Friedl <dev@friedl.net>"]
+edition = "2018"
+
+[dependencies]
+# Base tools
+log = "0.4"
+env_logger="0.7"
+structopt = "0.3"
+# Key management/Cryptography 
+sodiumoxide = "0.2.5"
+# Communication
+serde = { version = "1.0", features = ["derive"]}
+serde_cbor = "0.10.2"
+toml = "0.5"
+futures = { version = "0.3.1", features = ["thread-pool"]}
\ No newline at end of file
diff --git a/secsrv/src/comm.rs b/secsrv/src/comm.rs
new file mode 100644
index 0000000..2caada0
--- /dev/null
+++ b/secsrv/src/comm.rs
@@ -0,0 +1,61 @@
+#[allow(unused_imports)]
+use log::{debug, error, info, trace, warn};
+
+use std::net::{TcpListener, SocketAddr, TcpStream};
+use std::sync::Arc;
+use std::io::{Write};
+use std::io::Read;
+use futures::executor::ThreadPool;
+
+use crate::secrets::{Secrets};
+
+pub struct Channel {
+    pub executor: ThreadPool,
+    pub address: SocketAddr,
+}
+
+impl Channel {
+    pub fn listen(self, secrets: Arc<Secrets>) {
+
+        let listener:TcpListener = TcpListener::bind(self.address).unwrap();
+
+        listener.incoming().for_each(|inc| {
+            match inc {
+                Ok(tcp_stream) => self.executor.spawn_ok(handler(tcp_stream, secrets.clone())),
+                Err(e) => error!{"Failed binding incoming connection {}", e}
+            }
+        })
+    }
+}
+
+async fn handler(mut stream: TcpStream, secrets: Arc<Secrets>) {
+    let mut peek_buf = [0x00; 1];
+
+    while stream.peek(&mut peek_buf).unwrap() != 0 {
+        let mut len_buffer = [0x00; std::mem::size_of::<usize>()];
+        stream.read_exact(&mut len_buffer);
+        let len = usize::from_be_bytes(len_buffer) as u64;
+        debug!{"Length {}", len}
+
+        let mut buf: Vec<u8> = Vec::with_capacity(len as usize);
+        let mut handle = (&stream).take(len);
+        handle.read_to_end(&mut buf);
+        debug!{"Read vec {:?}", buf};
+        let res: Result<String, serde_cbor::Error> = serde_cbor::from_slice(&buf);
+
+        match res {
+            Ok(request) => {
+
+                if let Some(secret) = secrets.get(&request) {
+                    writeln!(stream, "{}", secret)
+                        .unwrap_or_else(|err| {error!{"Could not write key response to stream {}", err}});
+                    debug!{"Wrote {:?}", secret}
+                } else {
+                    writeln!(stream, "")
+                        .unwrap_or_else(|err| {error!{"Could not write key response to stream {}", err}})
+                }
+            },
+            Err(e) => error!{"Could not parse secret request: {}", e}
+        };
+    }
+}
diff --git a/secsrv/src/keymgmt.rs b/secsrv/src/keymgmt.rs
new file mode 100644
index 0000000..46f121d
--- /dev/null
+++ b/secsrv/src/keymgmt.rs
@@ -0,0 +1,50 @@
+use std::collections::HashMap;
+use sodiumoxide::crypto::box_;
+
+use serde::{Serialize, Deserialize};
+
+#[derive(Debug,Serialize,Deserialize)]
+pub struct MasterKey (String, box_::SecretKey, box_::PublicKey);
+
+#[derive(Debug,Serialize,Deserialize)]
+pub struct ClientKey (String, box_::PublicKey);
+
+#[derive(Default)]
+struct KeyStore {
+    keys: HashMap<String, ClientKey>
+}
+
+impl KeyStore {
+    fn get(&self, key: &str) -> Option<&ClientKey> {
+        self.keys.get(key)
+    }
+}
+
+pub struct KeyRing {
+    master: MasterKey,
+    keystore: KeyStore
+}
+
+impl KeyRing {
+    pub fn new(master: MasterKey) -> KeyRing {
+        KeyRing {master, keystore: KeyStore::default()}
+    }
+
+    pub fn seal(&self, data: &[u8], nonce: &[u8], id: String) -> Vec<u8> {
+        let nonce = box_::Nonce::from_slice(nonce).unwrap();
+        let sender_sk = &self.master.1;
+        let receiver_pk = &self.keystore.get(&id).unwrap().1;
+        box_::seal(&data, &nonce, &receiver_pk, &sender_sk)
+    }
+
+    pub fn unseal(&self, data: &[u8], nonce: &[u8], id: String) -> Vec<u8> {
+        let nonce = box_::Nonce::from_slice(nonce).unwrap();
+        let receiver_sk = &self.master.1;
+        let sender_pk = &self.keystore.get(&id).unwrap().1;
+        box_::open(&data, &nonce, &sender_pk, &receiver_sk).unwrap()
+    }
+
+    pub fn add_key(&mut self, id: String, pubkey: [u8;32]) {
+        self.keystore.keys.insert(id.clone(), ClientKey(id, box_::PublicKey::from_slice(&pubkey).unwrap()));
+    }
+}
diff --git a/secsrv/src/keyring.rs b/secsrv/src/keyring.rs
new file mode 100644
index 0000000..61f6b03
--- /dev/null
+++ b/secsrv/src/keyring.rs
@@ -0,0 +1,33 @@
+#[allow(unused_imports)]
+use log::{debug, error, info, trace, warn};
+
+use serde::{Serialize, Deserialize};
+use std::path::PathBuf;
+use std::fs::File;
+use std::io::Read;
+use sodiumoxide::crypto::box_;
+use std::error::Error;
+
+#[derive(Debug,Serialize,Deserialize)]
+pub enum Key {
+    MasterKey {
+        id: String,
+        public_key: box_::PublicKey,
+        secret_key: box_::SecretKey
+    },
+
+    ClientKey {
+        id: String,
+        public_key: box_::PublicKey
+    }
+}
+
+pub fn parse_from_path(path: &PathBuf, keep: bool) -> Result<Key, Box<dyn Error>> {
+    let mut mk_file = File::open(path)?;
+
+    let mut mk_data = Vec::new();
+    mk_file.read_to_end(&mut mk_data)?;
+    if !keep { std::fs::remove_file(path)?; };
+
+    Ok(serde_cbor::from_slice::<Key>(&mk_data)?)
+}
diff --git a/secsrv/src/main.rs b/secsrv/src/main.rs
new file mode 100644
index 0000000..ff49b29
--- /dev/null
+++ b/secsrv/src/main.rs
@@ -0,0 +1,77 @@
+#[allow(unused_imports)]
+use log::{debug, error, info, trace, warn};
+
+use env_logger;
+
+use std::convert::TryInto;
+use std::error::Error;
+use futures::executor::ThreadPool;
+use std::path::PathBuf;
+use structopt::StructOpt;
+use std::net::IpAddr;
+use std::net::SocketAddr;
+
+mod comm;
+mod keyring;
+mod secrets;
+
+use comm::Channel;
+
+#[derive(StructOpt, Debug)]
+struct Args {
+    /// Path to the master key file. Will be deleted after processing.
+    #[structopt(short, long, parse(from_os_str), env = "SECSRV_MASTER", hide_env_values = true)]
+    master: PathBuf,
+
+    /// Path to the secret keys file. Will be deleted after processing.
+    #[structopt(long, parse(from_os_str), env = "SECSRV_KEYS", hide_env_values = true)]
+    keys: PathBuf,
+
+    /// The port secsrv is listening on
+    #[structopt(short, long, env = "SECSRV_PORT", default_value = "9187")]
+    port: u16,
+
+    /// The address secsrv binds to
+    #[structopt(short, long, env = "SECSRV_IP", default_value = "127.0.0.1")]
+    ip: IpAddr,
+
+    /// Prevent deletion of key files
+    #[structopt(short)]
+    keep_keys: bool
+}
+
+fn main() -> Result<(), Box<dyn Error>>{
+    env_logger::init();
+    let args = Args::from_args();
+
+    _print_banner();
+
+    debug!{"Parsing master key from {}", args.master.display()}
+    let _master_key = keyring::parse_from_path(&args.master, args.keep_keys)?;
+
+    debug!{"Parsing secrets from {}", args.keys.display()}
+    let secrets = secrets::parse_from_path(&args.keys, args.keep_keys)?;
+
+    info!{"Setting up the connection pool"}
+    let executor = ThreadPool::new()?;
+    let address: SocketAddr = (args.ip, args.port).try_into()?;
+    debug!{"Connecting on {}", address}
+    let channel = Channel {executor, address};
+    channel.listen(secrets.into());
+
+    Ok(())
+}
+
+fn _print_banner() {
+    info!{r#"
+
+
+ ___  ___  ___ ___  ___ _ ____   __
+/ __|/ _ \/ __/ __|/ _ \ '__\ \ / /
+\__ \  __/ (__\__ \  __/ |   \ V /
+|___/\___|\___|___/\___|_|    \_/
+
+
+"#}
+
+}
diff --git a/secsrv/src/secrets.rs b/secsrv/src/secrets.rs
new file mode 100644
index 0000000..f18bf99
--- /dev/null
+++ b/secsrv/src/secrets.rs
@@ -0,0 +1,20 @@
+#[allow(unused_imports)]
+use log::{debug, error, info, trace, warn};
+
+use std::collections::HashMap;
+use std::error::Error;
+use std::path::PathBuf;
+use std::fs::File;
+use std::io::Read;
+
+pub type Secrets = HashMap<String, String>;
+
+pub fn parse_from_path(path: &PathBuf, keep: bool) -> Result<Secrets, Box<dyn Error>> {
+    let mut sec_file = File::open(path)?;
+
+    let mut sec_data = Vec::new();
+    sec_file.read_to_end(&mut sec_data)?;
+    if !keep { std::fs::remove_file(path)?; };
+
+    Ok(serde_cbor::from_slice::<Secrets>(&sec_data)?)
+}