cipherstash-client 0.34.0-alpha.4

The official CipherStash SDK
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

# CipherStash Client SDK

[![Crates.io Version](https://img.shields.io/crates/v/cipherstash-client?style=for-the-badge)](https://crates.io/crates/cipherstash-client)
[![docs.rs](https://img.shields.io/docsrs/cipherstash-client?style=for-the-badge)](https://docs.rs/cipherstash-client/)
[![Built by CipherStash](https://raw.githubusercontent.com/cipherstash/meta/refs/heads/main/csbadge.svg)](https://cipherstash.com)

 [Website](https://cipherstash.com) | [Docs](https://cipherstash.com/docs) | [Discussions](https://github.com/orgs/cipherstash/discussions)


The CipherStash SDK is the main way of interacting with CipherStash services.
It includes clients for talking to ZeroKMS, CipherStash Token Service (CTS) and the services used to power Audit.

It also contains all the indexing and encryption logic used in CipherStash products.

## Getting Started

To get started add the `cipherstash-client` dependency to your `Cargo.toml`

```toml
[dependencies]
cipherstash-client = "0.34.0"
```

### Creating a ZeroKMS Client

Use [`ZeroKMSBuilder`] to create a new [`ZeroKMS`] client. With this you can:

- Manage keysets, config and clients
- Encrypt and decrypt data

```no_run
use cipherstash_client::zerokms::ZeroKMSBuilder;

#[tokio::main]
async fn main() {
    let client = ZeroKMSBuilder::auto()
        .expect("failed to detect credentials")
        .build()
        .expect("failed to build client");

    let keyset = client.create_keyset("users", "A keyset used to encrypt my users' information")
        .await
        .expect("failed to create keyset");
}
```

### Creating a CTS Client

Use [`CtsClient`] to manage access keys and identity tokens:

```rust,no_run
use cipherstash_client::{CtsClient, Region, WorkspaceId};
use cts_common::claims::Role;
use stack_auth::{AccessKey, AccessKeyStrategy};

#[tokio::main]
async fn main() {
    let region = Region::aws("ap-southeast-2").unwrap();
    let key: AccessKey = "CSAKmyKeyId.myKeySecret".parse().unwrap();
    let strategy = AccessKeyStrategy::new(region, key).unwrap();
    let client = CtsClient::new(strategy);

    let workspace_id = WorkspaceId::try_from("E4UMRN47WJNSMAKR").expect("Valid ID");
    let access_key = client.create_access_key("Test Access Key", workspace_id, Role::Admin)
        .await
        .expect("failed to create access key");
}
```