cryptotensors 0.2.3

CryptoTensors is an extension of safetensors that adds encryption, signing, and access control (Rego-based policy engine) while maintaining full backward compatibility with the safetensors format. It provides functions to read and write safetensors which aim to be safer than their PyTorch counterpart.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

// MODIFICATION: This file has been modified from the original safetensors project.
// Added module exports for CryptoTensors encryption functionality.
// See NOTICE file for details.
//
// TODO(no_std): CryptoTensors encryption modules currently require std due to:
// - registry.rs: std::sync::RwLock, std::fs::File, libloading for dynamic providers
// - policy.rs: regorus (Rego engine) may require std
// - Various modules use std::collections::HashMap, std::sync::Arc
// Future work: Extract pure crypto functions (encrypt/decrypt/sign/verify) to support no_std,
// requiring users to pass keys directly instead of using the registry system.

#![deny(missing_docs)]
#![doc = include_str!("../README.md")]
#![cfg_attr(not(feature = "std"), no_std)]
pub mod slice;
pub mod tensor;

// CryptoTensors: Encryption and signing modules
/// CryptoTensors module - encryption/decryption manager
pub mod cryptotensors;
/// Encryption/decryption functions (AES-GCM, ChaCha20-Poly1305)
pub mod encryption;
/// Key management (JWK format)
pub mod key;
/// Access policy engine for model loading validation (Rego)
pub mod policy;
/// Pluggable KeyProvider registry for external key sources
pub mod registry;
/// Signing/verification functions (Ed25519)
pub mod signing;

/// serialize_to_file and rewrap functions only valid in std
#[cfg(feature = "std")]
pub use tensor::{rewrap, rewrap_file, rewrap_header, serialize_to_file};
pub use tensor::{serialize, Dtype, Metadata, SafeTensorError, SafeTensors, View};

// CryptoTensors: Re-export key types
pub use cryptotensors::{
    CryptoTensors, CryptoTensorsError, DeserializeCryptoConfig, SerializeCryptoConfig,
};
pub use key::KeyMaterial;
pub use policy::AccessPolicy;
pub use registry::{
    disable_provider, enable_provider, get_master_key, get_signing_key, get_verify_key,
    load_provider_native, register_provider, register_provider_with_priority, DirectKeyProvider,
    KeyProvider, PRIORITY_DIRECT, PRIORITY_ENV, PRIORITY_FILE, PRIORITY_NATIVE, PRIORITY_TEMP,
};

#[cfg(feature = "provider-env")]
pub use registry::EnvKeyProvider;
#[cfg(feature = "provider-file")]
pub use registry::FileKeyProvider;

#[cfg(not(feature = "std"))]
#[macro_use]
extern crate alloc;

/// A facade around all the types we need from the `std`, `core`, and `alloc`
/// crates. This avoids elaborate import wrangling having to happen in every
/// module.
mod lib {
    #[cfg(not(feature = "std"))]
    mod no_stds {
        pub use alloc::borrow::Cow;
        pub use alloc::string::{String, ToString};
        pub use alloc::vec::Vec;
        pub use hashbrown::HashMap;
    }
    #[cfg(feature = "std")]
    mod stds {
        pub use std::borrow::Cow;
        pub use std::collections::HashMap;
        pub use std::string::{String, ToString};
        pub use std::vec::Vec;
    }
    /// choose std or no_std to export by feature flag
    #[cfg(not(feature = "std"))]
    pub use no_stds::*;
    #[cfg(feature = "std")]
    pub use stds::*;
}