Skip to main content

kovra_core/
lib.rs

1//! `kovra-core` — vault, crypto, policy, model, resolver, `AgentScope`, and the
2//! OS/cloud traits (`Provider`/`Confirmer`/`Keyring`/`Biometric`).
3//!
4//! All policy and invariants (spec §2, §3) live here; the other faces (CLI,
5//! wrapper, Web UI, MCP) are thin adapters over this crate.
6//!
7//! L1 provides the secret model, the coordinate URI parser, secret-bearing
8//! value types, and AEAD encryption at rest. L2 adds storage on disk: the
9//! partitioned per-secret vault store with atomic writes and a tolerant loader,
10//! the `~/.vaults` registry with project→global override, the truncated
11//! fingerprint, the master key behind a `Keyring` trait, and the rebuildable
12//! redb metadata index (ADR-0001).
13
14//! L3 adds the invariant-enforcement core (OS-independent half of I1–I16):
15//! `AgentScope` (I13), the sensitivity decision (`policy::decide`), the
16//! confirmation broker (`Confirmer`/`Biometric` + `CliApproveConfirmer`, I16),
17//! `prod`-born-`high` (I5), and the append-only audit log (§11, I12) — plus the
18//! `Clock` trait. Every face consumes these decisions; none re-derives them.
19
20pub mod audit;
21pub mod clock;
22pub mod confirm;
23pub mod coordinate;
24pub mod crypto;
25pub mod doctor;
26pub mod env_source;
27pub mod envrefs;
28pub mod error;
29pub mod exchange;
30pub mod file_confirm;
31pub mod fingerprint;
32pub mod formatter;
33pub mod hooks;
34pub mod index;
35pub mod keybackup;
36pub mod keypair;
37pub mod keyring;
38pub mod package;
39pub mod policy;
40pub mod provider;
41pub mod record;
42pub mod registry;
43pub mod resolver;
44pub mod scaffold;
45pub mod scope;
46pub mod secret;
47pub mod sensitivity;
48pub mod store;
49pub mod totp;
50
51pub use audit::{
52    AUDIT_LOG, AuditAction, AuditEvent, AuditQuery, AuditSink, FileAuditSink, MockAuditSink,
53    outcome_result, query_log, read_log, render_log,
54};
55pub use clock::{Clock, MockClock, SystemClock};
56pub use confirm::{
57    Biometric, CliApproveConfirmer, ConfirmOutcome, ConfirmRequest, Confirmer, MockConfirmer,
58    Untrusted,
59};
60pub use coordinate::{Coordinate, EnvSegment, KeyHalf, Scope};
61pub use crypto::{KEY_LEN, NONCE_LEN, SealedRecord, open, open_bytes, seal, seal_bytes};
62pub use doctor::{Finding, Report, Severity, check as doctor_check};
63pub use env_source::{EnvSource, MockEnvSource, SystemEnvSource};
64pub use envrefs::{EnvRefs, Source};
65pub use error::CoreError;
66pub use exchange::{
67    BINARY_NAME, INSTALL_SCRIPT, PACKAGE_FILE, RECIPIENT_COORDINATE, RECIPIENT_PUB, UNPACK_SCRIPT,
68    VOLUME_LABEL, mount_point, render_install_script, render_unpack_script, write_bootstrap,
69};
70pub use file_confirm::{FileConfirmer, PENDING_DIR, PendingRequest};
71pub use fingerprint::{FINGERPRINT_BYTES, fingerprint};
72pub use formatter::{
73    DeviceInfo, Formatter, MockFormatter, assert_eraseable_target, eligible_targets,
74    format_removable, wipe_headline,
75};
76pub use hooks::{HOOK_MARKER, Scanner, gitleaks_config, hook_script};
77pub use index::{INDEX_FILE, Index, IndexEntry, RecordMode};
78pub use keybackup::{BackupKind, export_backup, import_backup};
79pub use keypair::{
80    EnvSshAgent, GeneratedKeypair, KeyAlgorithm, MockSshAgent, RSA_BITS, SSH_AGENT_RSA_SHA2_256,
81    SSH_AGENT_RSA_SHA2_512, SSH_SIG_NAMESPACE, SshAgent, decrypt, encrypt_to, generate,
82    public_algorithm, public_from_private, public_key_blob, sign, sign_ssh_agent, verify,
83    write_string,
84};
85pub use keyring::{Argon2Keyring, Keyring, MasterKey, MockKeyring, OsKeyring};
86pub use package::{
87    AccessToken, PACKAGE_MAGIC, PACKAGE_SCHEMA_VERSION, Package, PackagePayload, TokenConfirmer,
88    enforce_no_prod_unattended, open_attended, open_unattended, seal as seal_package, verify_token,
89};
90pub use policy::{
91    AccessRequest, Decision, DenyReason, PROD, birth_sensitivity, decide,
92    delete_requires_confirmation, downgrade_requires_confirmation, inject_requires_allowlist,
93    inject_requires_confirmation, is_downgrade, prod_blocks_unattended, prod_forbids_fallback,
94    prod_not_packageable,
95};
96pub use provider::{
97    MockProvider, SchemeRouter, SecretProvider, UnsupportedProvider, reference_scheme,
98};
99pub use record::{SCHEMA_VERSION, SecretRecord, Vault};
100pub use registry::{Registry, Resolution, VaultOrigin};
101pub use resolver::{Resolved, ResolvedVar, resolve};
102pub use scaffold::{Lang, Proposal, coordinate_for, detect_in_source, render_env_refs, scan_repo};
103pub use scope::{AgentScope, Filter, Operation, Origin, Surface};
104pub use secret::SecretValue;
105pub use sensitivity::Sensitivity;
106pub use store::{LoadOutcome, Quarantined};
107pub use totp::{
108    DEFAULT_DIGITS, DEFAULT_PERIOD, ParsedEnrollment, TotpAlgorithm, TotpParams, code_at,
109    decode_base32, parse_otpauth, parse_seed_input, returns_current, seconds_remaining,
110};