Crate secrets_core

Crate secrets_core

Expand description

Core domain primitives shared across brokers, SDKs, and providers.

Re-exports§

pub use crate::spec_registry::SecretSpecRegistry;
pub use crate::spec_schema::specs_to_json_schema;
pub use crate::spec_validate::SecretValidationResult;
pub use broker::BrokerSecret;
pub use broker::SecretsBroker;
pub use crypto::dek_cache::DekCache;
pub use crypto::envelope::EnvelopeService;
pub use embedded::CoreBuilder;
pub use embedded::CoreConfig;
pub use embedded::MemoryBackend;
pub use embedded::MemoryKeyProvider;
pub use embedded::Policy;
pub use embedded::SecretsCore;
pub use embedded::SecretsError;
pub use policy::Authorizer;
pub use policy::PolicyGuard;
pub use policy::Principal;
pub use provider::Provider;
pub use resolver::DefaultResolver;
pub use resolver::ResolverConfig;
pub use spec::SecretDescribable;
pub use spec::SecretSpec;

Modules§

backend
broker
crypto
embedded
errors
http
key_provider
policy
probe
provider
resolver
rt
spec
spec_compat
spec_registry
spec_schema
spec_validate
types
uri

Structs§

Envelope: Envelope metadata associated with encrypted records.
Scope: Canonical scope grouping for secrets and principals.
SecretIdentifier: Stable identifier wrapper preserved for compatibility.
SecretListItem: Lightweight listing entry for secrets.
SecretMeta: High-level metadata about a secret.
SecretRecord: Concrete secret record.
SecretUri
SecretVersion: Version metadata describing a specific revision of a secret.
VersionedSecret: Versioned record returned by backends.

Enums§

ContentType: Supported content encodings.
DecryptError
EncryptionAlgorithm: Supported envelope algorithms.
Error: Canonical secrets error surface.
Visibility: Visibility boundary for a secret.

Traits§

KeyProvider: Trait implemented by key providers responsible for wrapping and unwrapping DEKs.
SecretsBackend: Storage interface implemented by provider backends.

Type Aliases§

DecryptResult: Result alias for decryption operations.
Result: Result alias for secrets operations.