[][src]Crate ironoxide

IronOxide - IronCore Labs Rust SDK

The IronOxide Rust SDK is a pure Rust library that integrates IronCore's privacy, security, and data control solution into your Rust application. Operations in the IronOxide SDK are performed in the context of a user or backend service account. This SDK supports all possible operations that work in the IronCore platform including creating and managing users and groups, encrypting and decrypting document bytes, and granting and revoking access to documents to users and groups.

User Operations

The IronOxide SDK user methods allow for multiple operations to manage your synced users/service accounts from your application into the IronCore platform:

  • Lookup existing synced users in the IronCore system given their unique account IDs
  • Sync and generate cryptographic keys for authenticated users from your application into IronCore
  • List, create, and delete cryptographic device keys for synced users
  • List a users devices

Document Operations

All secret data that is encrypted using the IronCore platform are referred to as documents. Documents wrap the raw bytes of secret data to encrypt along with various metadata that helps convey access information to that data. Documents can be encrypted, decrypted, updated, granted to users and groups, and revoked from users and groups.

Group Operations

Groups are one of the many differentiating features of the IronCore platform. This SDK allows for easy management of your cryptographic groups. Groups can be created, updated, and deleted along with management of a groups administrators and members.



Blocking SDK operations


IronOxide SDK configuration


SDK document operations


SDK group operations


Policy types Policies are a list of rules which map data labels to a list of users/groups. This allows the separation of concerns when it comes to labeling data vs defining who to encrypt to.


Convenience re-export of essential IronOxide types


BlindIndexSearch - Search SDK for working with Blind Indexes.


SDK user operations



Account's device context. Needed to initialize the Sdk with a set of device keys. See IronOxide.initialize()


Signing keypair specific to a device. Used to sign all requests to the IronCore API endpoints. Needed to create a DeviceContext.


Struct that is used to make authenticated requests to the IronCore API. Instantiated with the details of an account's various ids, device, and signing keys. Once instantiated all operations will be performed in the context of the account provided.


Public/Private asymmetric keypair that is used for decryption/encryption.


Represents an asymmetric private key that wraps the underlying bytes of the key.


Provides soft rotation capabilities for user and group keys


Represents an asymmetric public key that wraps the underlying bytes of the key.



Result of calling initialize_check_rotation


Errors generated by IronOxide SDK operations


Public SDK operations



Initialize the IronOxide SDK with a device. Verifies that the provided user/segment exists and the provided device keys are valid and exist for the provided account. If successful returns an instance of the IronOxide SDK


Initialize the IronOxide SDK and check to see if the user that owns this DeviceContext is marked for private key rotation, or if any of the groups that the user is an admin of are marked for private key rotation.

Type Definitions


Result of an Sdk operation