secure_data 0.1.0

Secret wrappers, envelope encryption, KMS providers, crypto agility, and password hashing.
Documentation

secure_data — Data protection, secrets management & FIPS readiness (OWASP C8).

This crate provides:

  • Typed secret wrappers that suppress Debug, Display, and default Serialize output.
  • Pluggable key-provider abstraction with a StaticDevKeyProvider for tests.
  • Envelope encryption/decryption via AES-256-GCM (FIPS-ready aws-lc-rs behind fips feature).
  • Key ring lifecycle management with rotation and dual-read support.
  • Secret reference parsing (vault://, kms://, env://).
  • Zeroization and ReadOnce memory helpers.