Skip to main content

evault_core/crypto/
mod.rs

1//! Cryptographic primitives and secret-handling types used across `evault`.
2//!
3//! - [`SecretString`] is a thin re-export of [`secrecy::SecretString`] so that
4//!   callers do not need to depend on `secrecy` directly. It wipes its
5//!   contents on drop and redacts in [`std::fmt::Debug`] output.
6//! - [`MasterKey`] is a 256-bit random key used to unlock the encrypted
7//!   metadata store ([`SqlCipherMetadataStore`](../../evault_store_sqlcipher)).
8//!   It is generated by [`MasterKey::generate`] and zeroized on drop.
9
10mod master_key;
11mod secret;
12
13pub use master_key::{MasterKey, MASTER_KEY_LEN};
14pub use secret::{SecretBytes, SecretString};
15
16/// Re-export of [`secrecy::ExposeSecret`] for convenience.
17pub use secrecy::ExposeSecret;