Crate brainos_vault

Expand description

§Brain Credential Vault

Secure credential storage with OS keychain preferred and an AES-256-GCM encrypted-file fallback. Raw values are injected at execution time and never passed through BrainOS memory in plaintext form outside the vault call site.

Re-exports§

pub use backend::BackendKind;
pub use backend::VaultBackend;
pub use inject::CredentialMetadata;
pub use inject::CredentialValue;
pub use inject::InjectedCredential;
pub use inject::InjectionShape;
pub use vault::resolve_backend;
pub use vault::BackendSelection;
pub use vault::CredentialVault;
pub use vault::DefaultVault;
pub use vault::VaultConfig;
pub use vault::VaultError;

Modules§

backend: Backend dispatch — one enum with cfg-gated variants.
file: Encrypted-file fallback backend.
inject: Injection shapes and credential value wrapper.
keyring: Linux secret-service backend (GNOME Keyring / KDE Wallet).
vault: CredentialVault trait, error type, default vault impl, and config.

Crate brainos_vault

Crate brainos_vault Copy item path

§Brain Credential Vault

Re-exports§

Modules§

Crate brainos_vault