kagi-vault 0.1.2

Encrypted secrets and environment variable manager for teams — a secure, team-ready dotenv alternative with per-service isolation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};

#[derive(Serialize, Deserialize, Debug, Clone)]
#[allow(dead_code)]
pub struct ProjectStateManifest {
    pub version: i64,
    pub project_id: String,
    pub revision: i64,
    pub previous_manifest_hash: Option<String>,
    pub kagi_json_hash: String,
    pub access_json_hash: String,
    pub file_hashes: Vec<FileHash>,
    pub timestamp: String,
    pub signer_member_id: String,
    pub signer_public_key: String,
}

#[derive(Serialize, Deserialize, Debug, Clone)]
#[allow(dead_code)]
pub struct FileHash {
    pub path: String,
    pub sha256: String,
}

impl ProjectStateManifest {
    #[allow(dead_code)]
    pub fn compute_hash(&self) -> String {
        let canonical = serde_json::to_string(self).unwrap_or_default();
        let mut hasher = Sha256::new();
        hasher.update(canonical.as_bytes());
        hex::encode(hasher.finalize())
    }
}

#[allow(dead_code)]
pub fn hash_json(json: &str) -> String {
    let mut hasher = Sha256::new();
    hasher.update(json.as_bytes());
    hex::encode(hasher.finalize())
}