Crate ejson

Expand description

EJSON - Encrypted JSON secrets management.

This crate provides utilities for managing encrypted secrets in source control using public-key cryptography (NaCl Box).

Supports JSON (.ejson, .json), TOML (.etoml, .toml), and YAML (.eyaml, .eyml, .yaml, .yml) file formats.

§Security Features

boxed_message: Wire format for encrypted messages.
crypto: Cryptographic operations for ejson using NaCl Box (Curve25519 + XSalsa20 + Poly1305).
env: Environment variable export utilities for EJSON/EYAML/ETOML files.
format: File format detection for ejson files.
handler: Format handler trait for unified file format support.
json: JSON processing for ejson files.
toml: TOML processing for etoml files.
typed: Typed API for working with decrypted content.
yaml: YAML processing for eyaml files.

MAX_FILE_SIZE: Maximum file size for encryption/decryption operations (10 MB). This prevents denial of service through memory exhaustion.

decrypt: Decrypt data from a reader and write to a writer.
decrypt_bytes_typed: Decrypt bytes and return the decrypted contents as a typed value.
decrypt_file: Decrypt a file and return the decrypted contents.
decrypt_file_typed: Decrypt a file and return the decrypted contents as a typed value.
decrypt_with_format: Decrypt data with a specific format.
encrypt: Encrypt data from a reader and write to a writer.
encrypt_file_in_place: Encrypt a file in place with file locking.
encrypt_with_format: Encrypt data with a specific format.
generate_keypair: Generate a new ejson keypair.